• Product manuals

Browse the manual

• Introduction
  • Deployment strategies
  • Java
  • System requirements
• Installation of Workbenches
  • Getting Workbench installers
  • What a Workbench installer does when launched
  • Installation modes - console and silent
  • Uninstalling a Workbench
• Licenses
  • Connecting to a CLC Network License Manager from Workbenches
• Workbench plugins
• Workflows
• Connecting to a CLC Server
• Security policies
• Storing and backing up data
  • Default Workbench data storage
  • Temporary data
  • Backup of Workbench information
  • Disk space requirements
• System resources
  • Setting the amount of memory available for the JVM
  • Setting the number of cores to use
• Overview - where do we put things?
  • Per-computer Workbench information
  • Per-user Workbench information
  • Per CLC Data Location information

Security policies

The Workbench has a security policy configuration that enables administrators to allow or deny particular activities, described in the list below.

Policies are specified in a file called policy.properties that needs to be placed within the settings folder under the Workbench installation directory. Users without administrator access are not able to change the contents of this file unless the Workbench has been installed somewhere they have write access.

Each of the following keys within a policy.properties file can be followed by either = allow or = deny. No policy.properties file is present in a default Workbench installation, and thus by default, all the policies listed below are allowed.

workbench_version_check

Controls whether notifications for Workbench updates should be shown.

plugin_version_check

Controls whether notifications for plugin updates should be shown. Note that if plugin_download is set to "deny", plugin update notifications will not be shown, regardless of this setting.

online_search

Controls access to online sequence and structure search engines and some databases from third party providers. Depending on the Workbench being used, this includes Search for Sequences at NCBI (), Search for PDB Structures at NCBI (), Search for Sequences in UniProt (), Download Genomes () and Search for Reads in SRA ().

online_ncbi_blast

Controls whether tools performing BLAST at NCBI's servers should be available to users. This includes NCBI BLAST () run from the Tools menu and also from sequence selections.

ncbi_blast_download

Controls whether the Download BLAST databases () tool, which allows download of BLAST databases from NCBI's servers, should be available.

plugin_manage

Controls whether the Plugin Manager should be available. Users will still be able to install plugin updates if plugin_download and plugin_version_check are allowed.

plugin_file_install

Controls whether plugins can be installed from a local file.

plugin_download

Controls whether plugins can be downloaded and installed via the Download Plugins tab of the Workbench Plugin Manager. Setting this policy to deny also stops checks for for updated plugins and the display of notification dialogs about available plugin updates during Workbench startup.

workflow_manage

Controls whether the Manage Workflows dialog should be available.

workflow_file_install

Controls whether workflows can be installed from a file.

sequence_to_structure

Controls access to the Link Variants To Structure () and Download 3D Protein Structure Database () tools, as well as whether the 'Link to Structure' links in variant tables should be enabled or not.

usage_information_collection

Controls whether anonymous information about the usage of the workbench is shared with QIAGEN, helping us improve our products. It is also possible to opt out of providing usage information on a per-user basis via a setting in the General section of the Preferences dialog.

welcome_center

Controls whether the Workbench should contact the server that distributes content for the Welcome Center.

run_on_workbench_when_server_is_available

(Legacy) Controls whether server-enabled tools, run directly or in the context of a workflow, can be run on a Workbench when it is connected to a CLC Server. It has no effect on tools that can be run only on a CLC Workbench or on the ability to download reference data to a CLC Server CLC_References location using the Reference Data Manager. This legacy option will be retired in a future release. Please use the workbench_save_to_server property, described below, from version 25.0.

workbench_save_to_server

Controls whether the Workbench has permission to write data to CLC Server File System Locations.

A sample policy.properties file can be downloaded from
https://resources.qiagenbioinformatics.com/deployment/policy.properties. This can then be placed in the settings folder and edited to contain the relevant values. The new policy will take effect next time the Workbench is started.

---