BPM, Workflow, and Case

 View Only

Recipe: Steps to allow IBM BPM/BAW UI to connect to other domains

By KEERTHANA SHARATH posted Wed September 29, 2021 10:40 AM

  

IBM BAW provides configuration settings at the deployment environment level to harden security that mitigates web application threats; enable them by setting custom properties at the DE level in the configuration repository by using setBPMProperty command

Overview

Skill Level: Any Skill Level

BPM/BAW skill needed

Ingredients

BPM standard, BPM UI, BAW

Step-by-step

  1. Start the wsadmin scripting client

    wsadmin tool is used to configure and administer application servers, application deployment, and server runtime operations. Open a command prompt and navigate to the BPM/BAW <install root>/bin and start the wsadmin using the below command

    wsadmin.bat -lang jython

     

  2. Run the setBPMProperty command to allow BPM to connect to an outside URL/Domain

    AdminTask.setBPMProperty([‘-de’, ‘WorkflowCenter’, ‘-name’,’Security.ContentSecurityPolicyHeaderValue’, ‘-value’, “default-src ‘self’ ‘unsafe-inline’
    ‘unsafe-eval’ https://bpm1.ibm.com:8410 ;frame-ancestors ‘self’; img-src ‘self’ data:”])

    1) Replace ‘WorkflowCenter’ with the name of your deployment environment

    2) Replace https://bpm1.ibm.com:8410 with url:portnumber to which you want to connect to securely.

    By running this command, you are setting the ContentSecurityPolicyHeaderValue Security property. This property instructs the browser to load and run assets in the context of Business Automation Workflow user interfaces only from a set of whitelisted origins. The above command instructs the browser to retrieve data from the whitelisted URI.

  3. Run the getBPMProperty to verify the updates done

    AdminTask.getBPMProperty([‘-name’, ‘Security.ContentSecurityPolicyHeaderValue’])

    This should reflect the updated value for the property

  4. Save the configuration

    Run AdminConfig.save() to save the changes done.

    Now you should be able to connect to the external domain from your BPM/BAW UI


#BusinessAutomationWorkflow(BAW)
#agileintegrationarchitecture

Permalink