Block SOAP connection per user/group Hot

by Jimmy Scott on January 04, 2018

Provide a setting in Administrator Privileges that will allow an Admin to grant or decline a user from being authorized to connect using SOAP.

  • The Submit form has actions in place that when certain selections are made, specific fields then become required.

    As an example: Submitting an item for an Application (Type) change would then require the used to select the Application in question. Whereas had the submitter selected Process Change (Type) it would not require Application, but might require Team Affected.

    Presently there is a Privilege that may be granted/declined for Connect Using the API - this is not the same setting being requested.

  • Please login to view any attachments.

  • Already have an account? or Create an account
    With the current setup, users are able to submit via SOAP and bypass the Form Action required fields, that once submitted would allow him or her to transition the item forward without all required information.

    We did attempt working with support; however, the resolution was to enable SSL for SBM, which caused numerous down-stream issues that required us to roll back production, such as the following:
    1) Repository buffer size had to be increased in order to allow deployments (KB D17074) - Required Enable of SSL Client Certificate Authorization in Configurator to access Advanced Settings and modify buffer size to 100 M, then disable SSL Client Certificate since it would not be used
    2) IIS SSL setting for GSOAP was required to be enabled any time after Apply was click ed in Configurator as it removes that setting
    3) Server.xml file required manual modification to enable a specific port so that PVCS would continue to function - This too had to be reapplied frequently
    4) The most problematic was that SBM Scheduled Reports would not longer function, so users would get the Error template with a link to their report, and would not get the attached PDF or Excel file
    Jimmy Scott Commented by Jimmy Scott January 04, 2018
    Top 50 Reviewer  -  

    With the current setup, users are able to submit via SOAP and bypass the Form Action required fields, that once submitted would allow him or her to transition the item forward without all required information.

    We did attempt working with support; however, the resolution was to enable SSL for SBM, which caused numerous down-stream issues that required us to roll back production, such as the following:
    1) Repository buffer size had to be increased in order to allow deployments (KB D17074) - Required Enable of SSL Client Certificate Authorization in Configurator to access Advanced Settings and modify buffer size to 100 M, then disable SSL Client Certificate since it would not be used
    2) IIS SSL setting for GSOAP was required to be enabled any time after Apply was click ed in Configurator as it removes that setting
    3) Server.xml file required manual modification to enable a specific port so that PVCS would continue to function - This too had to be reapplied frequently
    4) The most problematic was that SBM Scheduled Reports would not longer function, so users would get the Error template with a link to their report, and would not get the attached PDF or Excel file

     

PrintEmail

Recent Tweets