Think of something that you wish Authorware could do but it doesn't?  Let the our good friends at Macromedia know via the wishlist.

Please let us know if you find any of the materials on this site inappropriate or offensive. Please include the url and why the material should be reviewed.

Comments and questions about the site are also welcome. Please no Authorware questions, use the AWARE list.


1084 - How do I set my web site to be trusted so users don't have to see the Security Dialog box?

by - Joe Ganci

This WEB stuff is kind of new to me. I've been producing for CD based all the time I've produced. I have a question about trusting and nontrusting mode. I can't seem to get a straight answer out of the help pages for Authorware. If I check the "Show Security Dialog" box in the for web player tab in one button publishing does that set the mode to trusting? If I use the Authorware Web Player Security KO do I have to list every page of a course or only the URL where the pages are located.

The question of security is a big one for Macromedia, for obvious reasons. It's relatively simple to write a routine in Authorware that will wipe our a person's hard drive or perform any number of other nasty virus-like acts. When you create aomething on CD and hand it over to someone, they are implicitly trusting that the CD doesn't contain viruses or they will run a virus program on it first. When you go to a web site, a virus could easily be downloaded and run in an Authorware-enabled app as well, so somehow the person on the other end has to "trust" it.

I hope that explains something regarding the background "why it is so" because that will I hope clear up what follows. Remember that the end user has to trust the application and there is NO getting around that. However, there are various ways you can have the user agree to trust your app. Checking the "Show Security Dialog" box does just that - it shows the security dialog box so that the user can choose whether to trust your app or not. The Web Player Security KO will allow you to set a complete URL, however note the message on the first screen of the KO that tells you that the KO won't run in a nuntrusted app. That means you still have to get the user to agree to trust your initial app before it can turn around and set the rest of the sites to be trusted.

So, what to do? So far, you've seen that you need to have the user trust you, somehow someway. There is no getting around that. You have seen that there are two ways thus far to do this:

1) Turn on the Security Dialog option and have the user click Yes. 2) Turn on the Security Dialog box, have the user click Yes, then set all the other sites you want to be trusted by using the Web Player KO.

Are there other ways? Yep. The secret lies in where the security options are set. Go to your Windows folder (or whatever it's called on your system) and look for a file called AWSHKWV.INI. In it, unless you've never run and trusted a web-enabled app, you'll see lines like this:

# Security settings:
Security = TrustOnlyListed
WarnNonTrusted = ON
WarnTrusted = OFF
TrustedSite = file://C:\Documents and Settings\jganci\Desktop\Published Files\Web\test.aam
TrustedSite = file://C:\Documents and Settings\jganci\Desktop\UCCC\uccc.aam
TrustedSite = file://C:\Projects\External\United Way\CD\Published Files\Web\movieplayer.aam
TrustedSite = file://C:\Projects\External\United Way\From Joe\movieplayer.aam
TrustedSite = file://C:\Projects\External\United Way\Published Files\Web\movieplayer.aam
TrustedSite = file://C:\Published Files\Web\temp.aam
TrustedSite =
TrustedSite = http://localhost/Rafaella/netdownload.aam
TrustedSite = http://localhost/uway/posturl.aam
TrustedSite = http://localhost/web/update_tries_results_update.aam
TrustedSite =
TrustedSite =
TrustedSite =
TrustedSite =
TrustedSite =
TrustedSite =

As you can see, in my file there are a bunch of trusted sites. Some of these were set by clicking the Security Dialog box, some of these were set possibly by the Web Player KO, and some of them were set using another method.

Another method (which we had done for you) is to have an installation program that a user downloads from a web site or that is delivered on a CD that will open up the above file and add a TrustedSite = line to the file. Thereafter, when the user navigates to the web site listed in the INI file, the site will already be trusted. This means you would not set the Show Security Dialog box for that web-enabled file (it's already trusted!).

Any method you choose to change that INI file will result in a trusted site, including going in and changing it manually. Remember, in the end the user is trusting your site one way or another. There is no getting around that. I hope this helps!

There are 0 reviews
Add your review