How To
Summary
You can specify the web application firewall to use the default or a custom policy file in IBM Content Navigator 3.0.8. This information provides the steps required to add the “Web application firewall policy” option and specify the policy file.
Objective
Specify the web application firewall to use the default or a custom policy file.
Steps
You can use one of two methods to specify the web application firewall to use the default or a custom policy file. Method one is using the ICN Configuration and Deployment UI (CMUI) and method two is using the command-line interface.
Method 1: Open the profile using the CMUI. Select the task "Configure the IBM Content Navigator Web Application" and edit the task. Specify the option "Web application firewall policy" with "Default" or "Custom" value from the dropdown list. You must input the path of the "Web application firewall policy file " if you selected the "Custom" option. Save the task after completing your changes.
Important: If you use the CMUI to update the policy on an existing system, the schema name field will become blank.
You can click the blanked field (and enter the schema name) to repopulate the value.
Method 2: Open the configureicntask.xml file and edit the xml file directly. Go to the first line and find the "implementorid" attribute and edit the value.
The format for the value of the "implementorid" attribute is changed from "<authentication type>" to "<authentication type>.<web application firewall policy>". The valid values for <authentication type> are "none", "client", or "form", and the valid values for <web application firewall policy> are "default" and "custom".
For example, set the attribute to "implementorid=none.default" to use the "IBM Content Navigator desktop authentication" authentication type and the "Default" web application firewall policy and to "implementorid=client.custom" to use the "Application server authentication" authentication type and the "Custom" web application firewall policy.
If you choose the custom option, you must specify the firewall policy file path. For additional information, see the following sample.
Additional Information
If the authentication type is none (ICN desktop authentication) and the firewall policy is custom, a sample configureicntask.xml content is as follows:
<?xml version="1.0" encoding="UTF-8"?><configuration description="Enter the information that the configuration and deployment tool uses when it creates the IBM Content Navigator web application, such as the name for the application." displayName="Configure the IBM Content Navigator Web Application" enabled="true" implementorid="none.custom">
<property name="WebAppFirewallPolicyFile">
<value>C:\IBM\ECMClient\config\policy.xml</value>
<description/>
<displayName>Web application firewall policy file</displayName>
</property>
<property name="WebAppFirewallPolicyFile">
<value>C:\IBM\ECMClient\config\policy.xml</value>
<description/>
<displayName>Web application firewall policy file</displayName>
</property>
If the authentication type is none (ICN desktop authentication) and the firewall policy is default, a sample configureicntask.xml content is as follows:
<?xml version="1.0" encoding="UTF-8"?><configuration description="Enter the information that the configuration and deployment tool uses when it creates the IBM Content Navigator web application, such as the name for the application." displayName="Configure the IBM Content Navigator Web Application" enabled="true" implementorid="none.default">
Document Location
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEUEX","label":"IBM Content Navigator"},"ARM Category":[{"code":"a8m50000000ChuAAAS","label":"Content Navigator"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.0.8;and future releases","Line of Business":{"code":"LOB18","label":"Miscellaneous LOB"}}]
Was this topic helpful?
Document Information
Modified date:
01 July 2020
UID
ibm16216022