General Security Settings
Changes in Connect Server Files
- Changes in Server-config.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\server-configure.properties)
- Set property application.security to “true”
- Set property abpm.server.side.entity.validation to “true”
- Set property abpm.gui.error.message.enable to "false
- Changes in auth.properties file (Installation\ConnectServer\AdeptiaServer\ServerKernel\etc\auth.properties)
- Change the value of app.connect.jwt.token.expire.time and app.connect.jwt.token.expire.timeunit property to the value you need the session to be active. For example, if you want your session to be active for 1 hour then set
app.connect.jwt.token.expire.time=1
and
app.connect.jwt.token.expire.timeunit = HOURS
Changes in Connect Portal Files
- Changes in server.xml file (Installation\AdeptiaConnect-2.9\ConnectPortal\conf\server.xml)
- Add line <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" /> in Host group.
SAML Strict Security Validation Settings
Changes in Connect Portal files
- Change in securityContext.xml (C:\SingleInstaller\AdeptiaConnect-2.9\ConnectPortal\resources_config\saml\securityContext.xml)
- Add line <property name="strictMessageSignatureValidation" value="true"/> in webSSOprofileConsumer bean tag.
SQL Injection & Cross-Site Scripting Vulnerability
After you have applied the patch, follow these steps to update security settings against SQL injections:
- After installing the patch, go to ...\ServerKernel\web\WEB-INF.
- Open web.xml file.
In the web.xml file, delete the following two lines.
<!-- Security handler entry startSecurity handler entry ends–>- Restart Kernel and WebRunner.