Security Settings

Securing Cookies (WildFly Only)

If you are managing an HTTPS-enabled domain, it is recommended that you set a flag which stops cookies from being transmitted over HTTP.

Note: 1Integrate has two cookies to ensure authentication across all components.

Open the standalone.xml and add:

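Single-sign-on

Add the following to the single-sign-on tag in the default host's configuration within the undertow subsystem. The secure attribute restricts the cookie to HTTPS connections; http-only keeps it from being read by client-side script.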

http-only="true" secure="true"

For example:

    <host name="default-host" alias="localhost">
        <location name="/wildfly" handler="welcome-content"/>
        <location name="/" handler="root-handler"/>
        <filter-ref name="server-header"/>
        <filter-ref name="x-powered-by-header"/>
        <single-sign-on path="/" http-only="true" secure="true"/>
    </host>

Session-cookie

Then add the following to the default servlet-container:

<session-cookie http-only="true" secure="true"/>

For example:

    <servlet-container name="default" allow-non-standard-wrappers="true" default-encoding="UTF-8">
        <session-cookie http-only="true" secure="true"/>
        <jsp-config/>
        <websockets/>
    </servlet-container>
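One way to confirm that both cookies carry the flags after editing standalone.xml, given here as an added example that is not part of the 1Integrate documentation. The function name, the sample XML and its placeholder namespaces are constructed; elements are matched by local name on the assumption that the undertow subsystem namespace version varies between WildFly releases.

```python
import xml.etree.ElementTree as ET

REQUIRED = ("http-only", "secure")            # attributes this page asks for
TARGETS = ("single-sign-on", "session-cookie")  # elements that must carry them

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def audit_cookie_flags(xml_text):
    """Return a list of findings; an empty list means every cookie element is flagged."""
    root = ET.fromstring(xml_text)
    findings, seen = [], set()
    for elem in root.iter():
        name = local(elem.tag)
        if name not in TARGETS:
            continue
        seen.add(name)
        for attr in REQUIRED:
            # Only a literal "true" counts; a missing attribute or an
            # unresolved ${...} expression is reported for manual review.
            if elem.get(attr, "").strip().lower() != "true":
                findings.append(f"<{name}> {attr} is {elem.get(attr)!r}, expected 'true'")
    for name in TARGETS:
        if name not in seen:
            findings.append(f"<{name}> element not found")
    return findings

# Constructed sample: single-sign-on is fixed, session-cookie lacks secure.
SAMPLE = """<server xmlns="urn:jboss:domain:placeholder">
  <profile>
    <subsystem xmlns="urn:jboss:domain:undertow:placeholder">
      <server name="default-server">
        <host name="default-host" alias="localhost">
          <single-sign-on path="/" http-only="true" secure="true"/>
        </host>
      </server>
      <servlet-container name="default">
        <session-cookie http-only="true"/>
        <jsp-config/>
      </servlet-container>
    </subsystem>
  </profile>
</server>"""

if __name__ == "__main__":
    for line in audit_cookie_flags(SAMPLE) or ["both cookies carry http-only and secure"]:
        print(line)
```

To audit a real installation, pass the contents of your own standalone.xml to audit_cookie_flags in place of SAMPLE.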

Hide Stack Trace Reporting

To improve security, you may wish to hide stack traces from users when an error is encountered in 1Integrate.

Disable report in WildFly

To disable full stack trace reports to users, set the hide.stacktrace=true property in the settings.properties file:

hide.stacktrace=true

Disable report in WebLogic

To disable full stack trace reports to users, within the WebLogic Server Administration Console, include the following in the Server Start Arguments for the interface:

-Dhide.stacktrace=true

Uploaded files

Uploaded files are stored in the folder pointed to by the java.io.tmp environment variable.

For security purposes, we recommend that you use the relevant operating system tool to ensure that 'execute' permissions are removed for this folder.