''SecurityDomain'' Element

SecurityDomain element is used to define a security domain for a web application. This element must be configured in global configuration, e.g. in Common Definitions page.

The name of the security domain to use. Usually "main" is used as the domain name. This name is also preset for all the Security elements and unless there is no special requirement it can be left like that.

Select a Security Broker from the list. It is recommended to select a broker that supports the database system your application is using. If there is no broker available for your database system then you can develop your own.

This property defines how to treat the users that have logged in to the system before. The choices are:

1.	Do Not Remember: No information about the user is stored and thus restored. The "User Name" and "Password" fields in the Login form are always empty.

2.	Remember User: The user name of the user is stored in the cookie. In the Login form, the "User Name" field initially contains the user name restored from the cookie.

3.	Accept As Logged In: If a user has been logged into the system before and closed the browser without explicitly logging off; when he is back to the system he is accepted as logged in. Select this option only if security is not your primary concern.

4.	User Decides: If a "Remember me on this computer" option should be provided on the Login form this option must be selected. See RememberMe Element.

Defines how many times a user may try incorrect password one after another. Value 0 means there is no limit. If a value greater then 0 is specified and if a user exceeds this number with incorrect passwords then he is suspended for the time defined in Suspend Duration property.

This property is meaningful when a value greater than 0 is given to Maximum Tries property. When a user is suspended because of exceeding the allowed number of incorrect password, he will not be able to login during the period defined with this property. After suspend duration is over the user may try again.

The Security component provides a procedure to restore the forgotten passwords. The user enters his User Name or Email in the ForgotPassword form; the component then sends the user an email that contains a change password link.

To enable this functionality you have to define "Forgot Password Mail" properties.

The URL that exist in the E-Mail sent to the forgetful user provides a link to the page where the user can reset his password. This URL is encrypted by the Security component. In order to customize the encryption, it is strongly advised that a value is given to this property.

These are the standard parameters for a SMTP account. It will be used for sending the emails to the users that forget their passwords

The Mail Text. You can modify the text but you should keep "{CHANGE_PASSWORD_LINK}" definition in it since it is replaced by the component with the actual link value before sending the mail to the user.