Comment: Corrected links that should have been relative instead of absolute.

To recover the Adeptia Connect UI:

...

Info
Remove all the changes done manually at the time of applying the patch.

...

General Security Settings

Changes in Connect Server Files

  • Changes in Server-config.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\server-configure.properties)
    • Set property application.security to true
    • Set property abpm.server.side.entity.validation to true
    • Set property abpm.gui.error.message.enable to false
  • Changes in auth.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\auth.properties) 
    • Set the app.connect.jwt.token.expire.time and app.connect.jwt.token.expire.timeunit properties to the length of time you need the session to stay active. For example, if you want your session to be active for 1 hour, set
      app.connect.jwt.token.expire.time=1
      and
      app.connect.jwt.token.expire.timeunit = HOURS

Changes in Connect Portal Files

  • Changes in server.xml file (Installation\AdeptiaConnect-2.9\ConnectPortal\conf\server.xml) 
    • Add the line <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" /> inside the Host element.

SAML Strict Security Validation Settings

Changes in Connect Portal Files

  • Change in securityContext.xml (C:\SingleInstaller\AdeptiaConnect-2.9\ConnectPortal\resources_config\saml\securityContext.xml)
    • Add line <property name="strictMessageSignatureValidation" value="true"/> in webSSOprofileConsumer bean tag.
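
The following audit script is an added example, not Adeptia's own code: it checks the server-configure.properties, server.xml and securityContext.xml settings listed above and reports any that are missing or wrong. It assumes the file contents are passed in as text and that the SAML bean is identified by id="webSSOprofileConsumer"; the sample inputs are constructed.

```python
import xml.etree.ElementTree as ET
# Values the page says to set in server-configure.properties.
EXPECTED = {"application.security": "true",
            "abpm.server.side.entity.validation": "true",
            "abpm.gui.error.message.enable": "false"}

def parse_properties(text):
    """Read key=value pairs; spaces around '=' and #/! comment lines are allowed."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

local = lambda tag: tag.rsplit("}", 1)[-1]  # strip an XML namespace, if any

def audit(server_props, server_xml, security_context):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    props = parse_properties(server_props)
    for key, want in EXPECTED.items():
        if props.get(key, "").lower() != want:
            findings.append(f"{key}: expected {want}, found {props.get(key)!r}")
    # The ErrorReportValve must be a child of <Host> with both flags false.
    valves = [v for h in ET.fromstring(server_xml).iter("Host") for v in h.findall("Valve")
              if v.get("className") == "org.apache.catalina.valves.ErrorReportValve"]
    if not any(v.get("showReport") == v.get("showServerInfo") == "false" for v in valves):
        findings.append("server.xml: ErrorReportValve not hardened inside Host")
    # Assumption: the bean is identified by id="webSSOprofileConsumer".
    strict = any(local(p.tag) == "property" and p.get("value") == "true"
                 and p.get("name") == "strictMessageSignatureValidation"
                 for b in ET.fromstring(security_context).iter()
                 if local(b.tag) == "bean" and b.get("id") == "webSSOprofileConsumer"
                 for p in b)
    if not strict:
        findings.append("securityContext.xml: strictMessageSignatureValidation not true")
    return findings

# Constructed sample inputs (not taken from a real installation).
GOOD_PROPS = "\n".join(f"{k} = {v}" for k, v in EXPECTED.items())
BAD_PROPS = "# defaults\napplication.security=false\nabpm.gui.error.message.enable=true\n"
GOOD_XML = ('<Server><Service><Engine><Host name="localhost"><Valve showReport="false" '
            'className="org.apache.catalina.valves.ErrorReportValve" '
            'showServerInfo="false"/></Host></Engine></Service></Server>')
BAD_XML = GOOD_XML.replace('showReport="false"', 'showReport="true"')
GOOD_SAML = ('<beans xmlns="http://www.springframework.org/schema/beans"><bean id="webSSOprofileConsumer">'
             '<property name="strictMessageSignatureValidation" value="true"/></bean></beans>')
BAD_SAML = GOOD_SAML.replace('value="true"', 'value="false"')
```

To use it on an installation, read the three files from the paths given above and pass their contents to audit().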

SQL Injection & Cross-Site Scripting Vulnerability

After you have applied the patch, follow these steps to update security settings against SQL injections:

  1. After installing the patch, go to ...\ServerKernel\web\WEB-INF.
  2. Open web.xml file.
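  3. In the web.xml file, delete the following two lines. They are the opening and closing markers of an XML comment, so deleting them activates the entries enclosed between them.

    <!-- Security handler entry start
    Security handler entry ends-->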
  4. Restart Kernel and WebRunner.