Security Settings
Securing Cookies (WildFly Only)
If you are managing an HTTPS enabled domain, it is recommended that you set a flag which will stop cookies from being transmitted over HTTP.
Open the standalone.xml
and add the following to the default servlet-container in the undertow subsystem's configuration:
<session-cookie http-only="true" secure="true"/>
For example:
<servlet-container name="default" allow-non-standard-wrappers="true" default-encoding="UTF-8">
<session-cookie http-only="true" secure="true"/>
<jsp-config/>
<websockets/>
</servlet-container>
Hide Stack Trace Reporting
To improve security you may wish to hide the stack trace reporting to users when an error is encountered in 1Integrate.
Uploaded files
Uploaded files are stored in the folder pointed to by the java.io.tmp
environment variable.
For security purposes, we recommend that you use the relevant operating system tool to ensure that 'execute' permissions are removed for this folder.