Best Practices for Configuring GlobalForms Externally
Overview
Configuring GlobalForms externally can allow you to improve processes externally by providing the forms you create to users outside your organization.
Best Practices
Separation of Servers
GlobalForms can be run as a standalone product without the need for GlobalSearch or GlobalCapture on the same machine. Alternatively, it can also live on the same machine as it’s sister applications. If you would like to completely isolate GlobalForms from your internal network, you may choose to install GlobalForms on a completely separate server in a DMZ or a completely different network altogether.
One important thing to note, GlobalForms does leverage GlobalCapture as it’s workflow engine and facilitating submissions of forms into products like GlobalSearch and as a result, GlobalCapture must have access to GlobalForms over it’s standard accessible ports. (3001, 5454, or whatever custom port binding you decide).
Enable HTTPS
If you are looking to configure GlobalForms outside your network, it is recommended communication be configured using HTTPS to encrypt communication between the client and server. For more information on how to configure HTTPS, check out the instructions here.
Picking a Port
GlobalForms by default uses port 3001 for non-SSL communication and 5454 is used for SSL based communication. These ports can be reconfigured in the following files:
C:\GlobalForms\client\dist\config.js
C:\GlobalForms\config\default.json
Following any adjustments, be sure to reboot the GlobalForms service.
Submission Security
Submission Security will dictate who can see submissions after they have been submitted. It’s important to be mindful of how the “Read All” security is configured for submissions. Anyone who has the rights to “Read All” will have the ability to query GlobalForms for all submitted submissions. By default, no one has this access, and this is access that generally should not be provided.
Users can have access to “Read Own Submissions” which will allow them to access their own submissions, if required.
The default security for newly created GlobalForms is shown below. Note how Read All, Update All, Delete All have no users defined and only Authenticated users can access their own submissions. This allows for the highest amount of security when it comes to accessing a form’s submission data.