Encoding credentials in URLs

You can control whether the credentials are encoded that are passed in an IBM® Business Process Manager URL that implements redirect-login.jsp. You can encode credentials in a URL that is used, for example, to start a service directly from IBM Process Designer.

Before you begin

Verify the following components are stopped before completing this task:
  • IBM Process Center Server
  • IBM Process Server

About this task

To make changes to the configuration, you must copy content from the 00Static.xml file to each 100Custom.xml file in your topology. To control encoding, use the <encode-redirect-url-credentials> property in the 00Static.xml file. Information about the 100Custom.xml files and the location of configuration files is found in the topics "The 100Custom.xml file and configuration" and "Location of configuration files."
Important: Make all required modifications to the 100Custom.xml file. Do not edit the 00Static.xml file.

Procedure

  1. Open the 00Static.xml file in a text editor.
  2. In the 00Static.xml file, copy each property that you want to change.
  3. In a text editor, open each 100Custom.xml file your topology.
  4. Copy the following properties from the 00Static.xml file and then paste them into the 100Custom.xml files: 
    <authoring-environment>
   <encode-redirect-url-credentials merge="replace">true</encode-redirect-url-credentials>
</authoring-environment>
  5. Modify the value of the <encode-redirect-url-credentials> property. By default, this property is set to true so that credentials passed in an IBM BPM URL are encoded. If you change the setting to false, the URL is composed with credentials in plain text.
  6. Save your changes.
  7. Start IBM Process Center Server and Process Server.
Parent topic: Configuring proxy settings
Related information:
The 100Custom.xml file and configuration
Location of 100Custom configuration files