pp108 : Enabling Miscellaneous Security Properties

Enabling Miscellaneous Security Properties
This topic describes the procedure to enable miscellaneous security properties using Management Console.

Before you begin this task:
You must be in the Management Console window to perform this task.

Process Platform provides you with security features such as:

  • Stripping or masking of the sender or information in the SOAP responses
  • Guaranteeing user context
  • Ensuring user permissions with a service container before routing the request from the user to the service container. This is called Sandboxing.
  1. In a Windows-based computer, click Start > Programs > Process Platform > <Instance Name> > Tools > Management Console.
    Note: In a Linux-based computer,
  2. Launch Terminal.
  3. Provide CD <Process_Platform_Installation_Directory>/bin.
  4. Execute ./cmc.sh.
    The Management Console window appears.
  5. Click Security Properties in the Management Console window.
  6. If you are accessing Security Properties for the first time, you must provide the password for accessing Management Console; else proceed to the next step. The Security Properties page appears and the DoS Attack tab is displayed by default.
  7. Click the Others tab in the Security Properties window. The Others page appears.
  8. Select the check box for any or all of the miscellaneous security properties listed below, and click .

    Security Property

    Description

    Strip Outgoing Traffic

    The headers of SOAP responses include information about senders and recipients, which can be misused to send malicious requests or DoS attacks. To prevent this, enable the Strip Outgoing Traffic feature. The response then contains only the message ID and any information about the senders and receivers is masked.

    Guaranteed User Context

    The request-response communication between service containers is carried out in the SYSTEM context that enables it to disrupt the system behavior. This can be avoided by maintaining a guaranteed user-context until the request is processed. (Deprecated)

    Sandbox Feature

    Process Platform Web Gateway forwards SOAP requests to the service container based on the Web service interface and namespace information contained in the request. However, it does not verify its user permissions. This can be controlled using the Sandbox feature that enables Web Gateway to verify user permissions, for Web service interface and namespace, and then route the request to the appropriate service container.



    The selected security properties are enabled.