Site Administration

Site Administration information

Headers

TimL • 2025/06/12

In System Tools > Settings > Security there are 2 header related options:

Use CTO and STS headers
- X-Content-Type-Options: nosniff
- Strict-Transport-Security: max-age=$HSTSSeconds; includeSubDomains
  - $HSTSSeconds is set in noodle.properties (6 months default)
  - Only set if HTTPS is in use
Use RT, CSP, FO, XSSP headers
- Report-To: ...1 day... /CSP.po
  - If Chrome or Edge of supporting versions
- Content-Security-Policy: $CSP
  - $CSP varies depending on the page served
- X-Frame-Options: SAMEORIGIN
- Referrer-Policy: strict-origin-when-cross-origin
- X-XSS-Protection: 1

JWT

TimL • 2025/03/25

Noodle can authenticate users from Google JWT.

Cloud users can visit intra.net
Local installs can visit https://intra.net/index_google.html?new=$your.domain.local
- after which a button will appear on the login page and a setting to disable it.

Privacy Policy

TimL • 2025/01/05

We don't share your data with anyone.

Some features may send data to 3rd parties (VPS, AI, Email, ect)

LLM APIs

TimL • 2024/11/26

Noodle can integrate with Large Language Models to aid in content creation. ArtificialAnalysis.ai has a nice pricing, quality, and speed overview. One token is roughly equivalent to 0.75 million words.

Links to 3rd party Application Programming Interfaces and pricing:

Free tiers:

x.ai ($25/month free + $7.50 / 1M Tokens)
google.com (Gemini 1.5 Flash: 1.5k requests / day + $0.13 / 1M Tokens)
huggingface.co (1k requests / day + $9 / month for 20k requests / day)

Paid only:

anthropic.com (Haiku: $2 / 2M Tokens)
openai.com (o1-mini: $5.25 / 1M tokens)

Java Application Servers

TimL • 2021/07/12

Wikipedia has a list. Comments on the popular options;

Apache - Tomcat (most popular)
Eclipse - Jetty (small and fast)
Eclipse - GlassFish (heavy)
Payara - Payara
Red Hat - WildFly / JBoss EAP

Micro services; fast start with native executables via GraalVM;

Red Hat - Quarkus
Micronaut - Micronauts

Specifications at jakarta.

Password reset

TimL • 2020/08/31

Any user with access to system tools can reset the admin password with a web browser.

Any person with access to the SQL server can change the admin password to another users password

select object_id, username, password from users where username = 'admin' or username = '$ME';
update users set password = '$PASS' where object_id = '$ID';

For example

update users set password = 'P3b*cH.5fOBTJl5ELM)W' where username = 'admin';

Current Versions

TimL • 2019/05/16

Branch	Version	First build	Latest build
Long Term Support (LTS)	7.13.02	2025-01-02	2025-01-02
Release	7.14.02	2025-04-02	2025-04-24
Next	7.14.03	2025-05-02	Today

Long Term Support versions (annually)

Version	Release	Retirement
7.13.02	2025-01-02	2026-01-02
7.12.07	2023-12-02	2025-01-02
7.11.03	2022-11-02	2024-01-02
7.08.23	2021-12-01	2023-01-02
7.08.13	2020-11-03	2022-01-02
7.08.02	2019-10-02	2021-01-02
7.05.12	2019-02-19	2020-01-02

Release versions (monthly)

Version	Release	Retirement
7.14.01	2025-04-02	2025-05-02
7.13.04	2025-03-02	2025-04-02
7.13.03	2025-02-02	2025-03-02
7.13.02	2025-02-01	2025-02-02
7.13.01	2024-12-02	2025-01-02
7.12.17	2024-11-02	2024-12-02
7.12.16	2024-10-02	2004-11-02
7.12.15	2024-09-02	2004-10-02
7.12.14	2024-08-02	2004-09-02
7.12.13	2024-07-02	2024-08-02
7.12.12	2024-04-18	2024-07-02
7.12.11	2024-04-08	2024-04-18
7.12.10	2024-04-02	2024-04-08
7.12.09	2024-03-02	2024-04-02
7.12.08	2024-02-02	2024-03-02
7.12.07	2023-12-02	2024-01-02
7.12.06	2023-11-02	2023-12-02
7.12.05	2023-10-02	2023-11-02
7.12.04	2023-09-02	2023-10-02
7.12.03	2023-08-02	2023-09-02
7.12.02	2023-07-02	2023-08-02
7.12.01	2023-06-02	2023-07-02
7.11.07	2023-05-02	2023-06-02
7.11.06	2023-04-02	2023-05-02
7.11.05	2023-03-02	2023-04-02
7.11.04	2023-02-02	2023-03-02
7.11.03	2022-11-02	2023-02-02
7.11.02	2022-10-02	2022-11-02
7.11.01	2022-09-19	2022-10-02
7.10.01	2022-08-02	2022-09-02
7.09.04	2022-07-02	2022-08-02
7.09.03	2022-06-02	2022-07-02
7.09.02	2022-05-02	2022-06-02
7.09.01	2022-04-02	2022-05-02
7.08.26	2022-03-02	2022-04-02
7.08.25	2022-02-02	2022-03-02
7.08.24	2022-01-02	2022-02-02
7.08.22	2021-11-02	2021-12-02
7.08.21	2021-10-02	2021-11-02
7.08.20	2021-07-02	2021-10-02
7.08.19	2021-06-02	2021-07-02
7.08.18	2021-05-02	2021-06-02
7.08.17	2021-04-02	2021-05-02
7.08.16	2021-03-02	2021-04-02
7.08.15	2021-02-02	2021-03-02
7.08.14	2021-01-02	2021-02-02
7.08.12	2020-10-02	2020-11-02
7.08.11	2020-09-02	2020-10-02
7.08.10	2020-08-02	2020-09-02
7.08.09	2020-07-02	2020-08-02
7.08.08	2020-06-02	2020-07-02
7.08.07	2020-05-02	2020-06-02
7.08.06	2020-04-02	2020-05-02
7.08.05	2020-03-02	2020-04-02
7.08.04	2020-02-02	2020-03-02
7.08.03	2019-12-02	2020-01-02
7.08.01	2019-09-02	2019-10-02
7.06.05	2019-08-02	2019-09-02
7.06.04	2019-07-02	2019-08-02
7.06.03	2019-06-02	2019-07-02
7.06.02	2019-05-02	2019-06-02
7.06.01	2019-04-02	2019-05-02
7.05.13	2019-03-02	2019-04-02
...
4.01.01	2001-06-08	2001-06-08
...

Security Assertion Markup Language (SAML)

TimL • 2018/11/14

Overview

SAML allows for SSO using the Web Browser users credentials.

Noodle Prerequisites

If AD is being used, LDAP users should have already been populated within Noodle.

Quick reference

Save your IdP URL and fingerprint in your SP (Noodle)
Use https://yourNoodle.tld/SAML.po in your IdP settings and Web Browser.

Supported IdPs

Onelogin, Okta, and Azure
Note: Contact us for assistance integrating Other IdPs.

Noodle Configuration

In Noodle navigate to “System Tools > Settings > Single Sign-On”

Both URL & fingerprint will be supplied by your IdP vendor. Your IdP may provide an XML file which contains the URL and certificate, to convert the certificate into a SHA-1 fingerprint there are some online SAML tools:

Format Certificate

Calculate Fingerprint

IdP Configuration

Your IdP will require a location to direct SAML responses, use https://yourNoodle.tld/SAML.po. Noodle will be compatible with the default settings of most IdPs.

OneLogin

Navigate to "Administration > Applications > Add App"
Search for "SAML Test Connector (IdP)"
setting tabs
- Info (all optional)
- Configuration
  - ACS (Consumer) URL Validator = .*
  - ACS (Consumer) URL = https://yourNoodle.tld/SAML.po
  - the rest can be left blank
- Parameters
  - Configured by admin
    - NameID (fka Email) = Email
- Rules (all optional)
- SSO
  - X.509 Certificate = 2048-bit
    - View details will show the fingerprint
  - SAML Signature Algorithm = SHA-1
  - SAML 2.0 Endpoint (HTTP)
    - This is the URL to save in Noodle
- Access (all optional)
- Users (make sure you add some)
- Privileges (all optional)

Azure

Azure Active Directory > Enterprise applications > New Application
Non-gallery Application > Name can be anything > 2 Single sign on > SAML
- set "Identifier (Entity ID)" to the domain name for the Noodle instance
- set the "Reply URL" to https://yourNoodle.tld/SAML.po
- copy the "Thumbprint" and "Login URL" to put in the Noodle settings

Analytics

TimL • 2016/08/25

Average number of logins per day
Application usage
Number of Logins per user
Index Queue
Error Codes
User Activity
Page Hits
Item Views
User IPs
User Time
Storage Space Occupied
Shared Folders
Large Files
Home Folders

Masquerading

TimL • 2016/07/06

Some intermediate servers (proxy/gateway/firewall/router/etc) will answer a request from the browser on behalf of the server. If this happens frequently and you are unable to change the intermediate server to avoid this (supporting 2 minute connections is a good start) you can use

top.noodle.ajax.ignoreMasquerading=true;

use that as a last resort as it can cause further UI interference.

Noodle Help Site

Helping you use your Noodle