General Security Settings

Changes in Connect Server Files

• Changes in Server-config.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\server-configure.properties)
• Set property application.security to “true”
• Set property abpm.server.side.entity.validation to “true”
• Set property abpm.gui.error.message.enable to “false”
  

• Changes in auth.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\auth.properties) 
• Change the value of app.connect.jwt.token.expire.time and app.connect.jwt.token.expire.timeunit property to the value you need the session to be active. For example, if you want your session to be active for 1 hour then set 
  app.connect.jwt.token.expire.time=1 
  and 
  app.connect.jwt.token.expire.timeunit = HOURS

Changes in Connect Portal Files

• Changes in server.xml file (Installation\AdeptiaConnect-2.9\ConnectPortal\conf\server.xml) 
• Add line <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" /> in Host group.

SAML Strict Security Validation Settings

Changes in Connect Portal files

• Change in securityContext.xml (C:\SingleInstaller\AdeptiaConnect-2.9\ConnectPortal\resources_config\saml\securityContext.xml)
• Add line <property name="strictMessageSignatureValidation" value="true"/> in webSSOprofileConsumer bean tag.

SQL Injection & Cross-Site Scripting Vulnerability

After you have applied the patch, follow these steps to update security settings against SQL injections:

1.  After installing the patch, go to ...\ServerKernel\web\WEB-INF.
2. Open web.xml file.

3. In the web.xml file, delete the following two lines.

   <!-- Security handler entry start

   Security handler entry ends–>

4. Restart Kernel and WebRunner.