#Security

Hi,

I am trying to create a user role which shall allow users the access to only one specific namespace in an Ensemble system. I´ve startet creating the namespace with a database (with own ressource and no public access). In the second step I´ve created a role by copying it from the predefined role %Developer and assigned the ressource of the created database. After that i´ve created a user and assign him to the created role.

Hello everyone,

I'm using Atelier 1.3. When we configure a server and use HTTP to connect, works fine. But when we activate the Secure connection option I get the Unregonized SSL message, plaintext connection?

Do I need to perform any configuration on my server so that Atelier can access a secure connection?

Hi Community!

New video is already on InterSystems Developers YouTube Channel:

Certificate Revocation, OCSP Stapling and KMIP

https://www.youtube.com/embed/MHUAax-0iok
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

I need to automate the handling of usernames passwords, serverNames etc for use in the sending and receiving of emails, logging into SFTP servers etc etc for use within COS code
To manage external passwords we could use LastPass or any other proprietary password loggers, but I need to be able to call them as part of the automation (COS code) and occasionally visually look them up to "remind" the staff of their passwords.

any suggestions as to the best class data constructs to handle this scenario. Should the whole table be encrypted, only the passwords etc.

I am currently using InterSystems for patients data management related to intake treatment planning and delivery of dose.

should I create a new attribute to track Patient ID or using an existing attribute within Audit log ? what are the good practices guidelines?

If I use Event Data field to record Patient_ID is it possible out of the box to search entries for a specific Patient_ID ?

I have created some roles, and would like to know if there is a way to export the Roles and save them off to a file? I want to create a backup file of these roles for DR purpose, and in case I ever get hit by the preverbal bus.

Thanks

Scott Roth

The Ohio State University Wexner Medical Center

We have a new requirement being push down by our Data Security to no longer use Local SQL Accounts to access our Databases. So they asked me to create a Service Account that is on the Domain for our connections to each database.

I tried just changing my JDBC connection to using this Service Account and Password but I am not having any luck trying to connect to the database.

" Connection failed.
Login failed for user 'osumc\CPD.Intr.Service'. ClientConnectionId:ade97239-c1c8-4ed1-8230-d274edb2e731 "

hi

when I logon linux with a not root user, and then call ccontrol start/stop cache, show no permisson .

how to grant start/stop/restore privilege to user who is not root .

thanks

Hi,

I have a client who is considering encryption options in order to comply with a tendering requirement.

Were they to encrypt the production database then what would be a reasonable expectation forthe impact on message throughput. Or possibly more easily answered: what would be the expected impact be on I/O rate and CPU utilization. Are there any benchmarks to which could support an estimate ?

How would this compare with plan B: to use disk encryption ?

Thanks

I need to offer new users on our system a temporary password that is valid for only 48 hours. This is different than a 60-day password expiration window for existing users' passwords (where a password needs to be changed every 60 days), and is different than a "user expiration date", where you can set a date where the user's account expires and is disabled on that date, and different than the inactivity expiration date where a user becomes active if his account is not used within, say, 30 days.

I was running the %File:FileSet class query, with my development user, but I am unable to run this query for an application user. Does anyone know what resource or service is needed to run this query? Assume the user has access to a certain directory on the file system needed for the query.

On second though, having tried almost all the available resources and services, perhaps the user doesn't have access to the directory. How to tell when the error is this:

I am working through trying to use ZAUTHENTICATE.mac and LDAP.mac to do Delegated sign on into Ensemble. In reading over the samples and the documentation, I am not clearly finding on how to set the Appropriate Role from the LDAP group I return. Can someone help explain this part to me? If I have a user sign on, and I return a "Group" from the Authentication, how do I get that to transform into the Role I need for Ensemble.

Thanks

Scott Roth

Hi community ,

i work actually on the access token generation method , i want know where the generated access token are saved ?

My [OAuth2.AccessToken] tabe is empty , it's logical?

thank's for helping .

Best regards

Hi community ,

i use postman for testing my request , i need to extract access token from it (i put it inside the "Get url" using post man before sending my request).

i use the GetAccessTokenFromRequest of (%SYS.OAuth2.AccessToken) class , but in my rest code party , when i send request from post man , i can't extract my access token, it's empty.

can please give me help?

thank you