Versions Compared

Old Version 1

changes.mady.by.user Ashhad Alam

Saved on

compared with

New Version 2

changes.mady.by.user Rohan Dhanwade

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Information in the logs can be personally-identifiable or sensitive information, for example, user names, email addresses, phone numbers that you may not want to disclose. Sensitive information should be exposed only to the authorized users from whom there is no risk of security violations. To avoid any potential security pitfall, you can mask the personally-identifiable or sensitive information.

In Adeptia Connect, when a user takes a look at the logs in the Dashboard Transactions  section section, there are several information which may not be applicable or allowed for the user to see. Some of the sections where you find sensitive information include Repository, Execution Details, Context Info, and Reference column. 

Info
This feature is supported only when GAC is enabled.

Configuring masking 

Updating the XML files

You can mask sensitive information to ensure that they are not exposed to unauthorized users. There are two steps you need to follow to configure masking.

Anchor
Updating the xml files
Updating the xml files
Updating the

XML files

finders.xml file

Adeptia Connect contains two XML files finders.xml file wherein you can define properties and patterns to mask the sensitive details. You will find the two files finder.xml and mask.properties at …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc can find the finders.xml at shared/masking location. Follow the steps below to update the files in the same order as mentioned here.

Updating mask.properties file
  • Go to …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc location.
  • Open mask.properties file.
  • Add the names of the fields which contain sensitive information (for example, Email, SSN, Phone) and need to be masked. The following examples explain how the field names should be added.
    Email=email@XXXX.XXXX
    SSN-spaces=XXX XX XXXX
    SSN-dashes=XXX-XX-XXXX
    USPhone-Formatted=XXX-XXX-XXXX
    • Save the

    this file. 

    Updating finder.xml file
      1. Go to …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc Go to shared/masking location.
      2. Open finderfinders.xml file.

      3. Add a set of code here for the fields you have defined in the mask.properties file. the code to the file based on what details you want to mask.
        The following example illustrates what and how should be the code.

        Code Block
        themeMidnight
        <finder>
		<name>Email</name>
		<pattern>\b[A-Z0-9._%+-]+@([A-Z0-9.-]+)\.([A-Z]{2,4})\b</pattern>
		<mask-text>email@XXXX.XXXX<mask-text/>
		<enabled>true</enabled>
	</finder>
	<finder>
		<name>SSN-spaces</name>
		<pattern>[0-9]{3}\s[0-9]{2}\s[0-9]{4}</pattern>
		<mask-text>XXX XX XXXX<mask-text/>
		<enabled>true</enabled>
	</finder>
	<finder>
		<name>SSN-dashes</name>
		<pattern>[0-9]{3}\-[0-9]{2}\-[0-9]{4}</pattern>
		<mask-text>XXX-XX-XXXX<mask-text/>
		<enabled>true</enabled>
	</finder>
	<finder>
		<name>USPhone-Formatted</name>
		<pattern>[\()\.]*[0-9]{3}[\)\ \-\.]{1,2}[0-9]{3}[\-\ \.][0-9]{4}</pattern>
		<mask-text>XXX-XXX-XXXX<mask-text/>
		<enabled>true</enabled>
	</finder>

        Wherein:Where,

        1. name - Name of the field whose value you want to mask.
        2. pattern - Pattern in which the masked information will be visible to the user.
        3. mask-text - 
        4. enabled - The property to be set to true if you want to show that information as masked.
      4. Save the file.
    Anchor
    Enabling the View User Data property
    Enabling the View User Data property
    Enabling the View User Data property

    View User Data property is available on Define Standard Entities Permissions window  window which comes in course of of creation of a role by an authorized user. If you clear this this View User Data check  check box, the users with this role will not be able to see the sensitive information which you have masked in the two XML files finders.xml file discussed above. By default, this property is enabled.



    Info
    Only a System Admin and an IT User can create a role.

    Log details impacted by masking

    When you enable masking, the following sections are impacted and they will not display the details which you were able to see before masking. 

    • File names under the the Reference column  column will be masked. 
    • In Transaction execution details, the links View Source Data and  and View Repository will not be visible. 
    • The Repository Repository option under the Action menu will be hidden. 
    • The Context Info sections under the Action menu will display only the details which are not masked.
    • The sensitive information in some of the fields in the EDI logs is also masked for unauthorized users. For more details, visit this this page.

     The masked information in these sections will be shown as per the pattern and the mask-text defined in the in the maskfinders.propertiesxml file.


    Panel
    borderStylesolid
    titleYou may be interested in...
    What is new
    Application architecture
    Key terms
    Install
    Usage scenarios