Security

Syndicate content 15 

Hello experts,

I'm new to InterSystems software and still not so familiar with it. Therefore I do apologize in front if this question is irrelevant, not making sense or answer is commonly known.
 

I've did my best in search for answer, but unfortunately i haven't found anything helpfull. So I decided to ask for help here.

 

My problem is repetitive error which occure in CSP Gateway event log : 

Error Condition: Failed to read posted content from the client (Content-Length: 1404; Data Actually Read: 0; Read Error: 70007)

Last answer 8 May 2019
0   0 3
0

comments

59

views

0

rating

Hi,

I am trying to create a user role which shall allow users the access to only one specific namespace in an Ensemble system. I´ve startet creating the namespace with a database (with own ressource and no public access). In the second step I´ve created a role by copying it from the predefined role %Developer and assigned the ressource of the created database. After that i´ve created a user and assign him to the created role.

Last answer 7 March 2019 Last comment 7 March 2019
0   0 2
68

views

0

rating

Hi All,

Can someone help me getting the security features & standards which InterSystmes Cache adheres to ISO 27001 & other security & privacy standards.

Also if you can tell me the algorithm used for database encryption & key strength by default.

This is required for a security audit.

Thanks in advance.
Ashish

Last answer 1 February 2019
0   0 3
0

comments

98

views

0

rating

Is there a way to make the system users like _SYSTEM and ensadm bypass the Delegated sign-on and not cause it to fill up the Audit trail with "Programmer mode login failure"?? I figured I still had to leave password login enabled for the background users to run. How would I script if username = "_SYSTEM" then don't do the Delegated sign on?

Here is my ZAUTHENTICATE

Last answer 11 April 2018 Last comment 11 April 2018
0   0 3
166

views

0

rating

I need to offer new users on our system a temporary password that is valid for only 48 hours.  This is different than a 60-day password expiration window for existing users' passwords (where a password needs to be changed every 60 days), and is different than a "user expiration date", where you can set a date where the user's account expires and is disabled on that date, and different than the inactivity expiration date where a user becomes active if his account is not used within, say, 30 days.  

Last answer 21 March 2018 Last comment 21 March 2018
0   0 2
214

views

0

rating

Hi,

I need list all available Windows AD groups .

How I do it?

I need to change the attributes of Windows Users of AD, adding and remove groups.

Note: I was able to make the connection to LDAP, and I listed the groups that a user.

Last answer 15 February 2018 Last comment 15 February 2018
0   0 2
194

views

0

rating

Cache for Windows (x86-64) 2015.1 (Build 429U) Fri Feb 13 2015 14:37:23 EST [HealthShare Modules:Core:12.07.3703 + Linkage Engine:13.04.3703]

Use case: Search an LDAP database from Caché over TLS using Mutual Authentication.

Extract from the %SYS.LDAP documentation:

Last answer 12 February 2018 Last comment 7 February 2018
0   0 4
304

views

0

rating

Hi community ,

i use postman for testing my request , i need to extract access token from it (i put it inside the "Get url" using post man before sending my request).

i use the GetAccessTokenFromRequest of (%SYS.OAuth2.AccessToken) class , but in my rest code party , when i send request from post man , i can't extract my access token, it's empty.

can please give me help?

thank you

Last answer 28 January 2018
0   0 2
0

comments

158

views

0

rating

Hi community ,

i worked this last time on the access token generate method , now it's ok, i want  use the received access token to have access for asking the resources server.

i found the [%SYS.OAuth2.AccessToken] class which describes how add access token in the http request header , but i don't know how use it in my project.

Do me take only this class or the full package %SYS.OAuth2.

Thank you for helping .

Last answer 27 December 2017
0   0 1
0

comments

242

views

0

rating

I tried to implement the Oauth2 in google,

I got authentication, But I unable to read response class.

I got an error as:

I unable to change response Class.

Anyone help me to Change response Class in Client Configuration

                      or

Is there any option to define response URL manually?

Thanks

Last answer 9 March 2017 Last comment 8 November 2017
0   0 4
230

views

0

rating

Hi,

we´re looking for a way to determine, if the System Management Portal (SMP) is only accessible through ssl/tls -> https. One of our applications send daily reports via email and places some dynamically created links within it. The application runs on the instance being monitorred (Ensemble-Productions).

Since we migrate some of our customers systems to use https for the SMP connection, we need to generate those links with https:// instead of http://. Our application is characterized as kind of a lib so we use it for many of our clients systems.

Last answer 28 July 2017 Last comment 28 July 2017
0   0 3
248

views

0

rating

Hi,

I'm unable to locate a set of instructions that would allow me to encrypt the traffic to/from the Cache' Management Portal (that is - run it over HTTPS)

I am referring to the Management portal as hosted by the private Apache Web server instance installed with Cache. (I know how to do this for regular web sites hosted on, for example, IIS).

 

I would imagine the steps would involve, (a) enable SSL on that apache instance and (b) deploy certificates into the Apache web server.

Does anyone have a step-by-step guide on how this is accomplished ?

Last answer 7 June 2017 Last comment 7 June 2017
0   0 5
763

views

0

rating

I have built an Ensemble SOAP service (EnsLib.SoapService.Service) as a business service which accepts soap requests from another application. To secure the traffic between the SOAP service and the application i'd like to enable SSL. I see that in the management portal I can upload the certificates, chains and keys and save them as an SSL / TLS configuration. However, it is not clear to me how I apply this SSL / TLS configurtion to the soap service I am running.

Last answer 20 April 2017
0   0 3
0

comments

736

views

0

rating

I have multiple namespaces in a Cache environment say NS1 & NS2. I want to add some restriction so that  a routine running in the NS1 should not access any resource(global/routine) belongs to namespace NS2.

The above restriction need for few of the clients only, so we do not want to write any custom logic in code. 

We are looking for some solution provided by Cache where we can restrict the namespace access.

Can somebody please help me on this.

Last answer 31 March 2017
0   0 0
0

comments

141

views

0

rating

We are using Cache in our application. We are using default username/password for connecting to the Cache Database through Cache Manege Provider. Can we limit the permission of the user _SYSTEM to access only limited database/namespace.

Can we create new user for ODBC connection? Is there any API provided for creating user with limited access so that the user creation process can be automated.

Last answer 22 March 2017
0   0 3
0

comments

355

views

0

rating

I use Cache Instance. I'm trying to implement OAuth 2.0 in Cache instance.
Is it possible to use Cache instance as Client and Server?

And What is the Difference between CLIENT and AUTHSERVER instance?

Why is it used? I want to know which instance use which type of application?

Last answer 7 March 2017
0   0 1
0

comments

167

views

0

rating

I'm currently re-engineering an application from CSP pages directly accessing COS Methods, to an Angular/Material front end accessing a REST DAL.  Both the Angular front end and REST services are hosted from the same Caché instance and the same namespace, but the REST services have their own CSP application, with all calls being routed through a Dispatch class.  

Last answer 5 January 2017 Last comment 5 January 2017
0   0 2
266

views

0

rating