2 Applying Recommended Security Settings

This chapter provides tips for securing the EDQ environment.

The chapter includes the following sections:

Configuring SSL with WebLogic

This section describes how to configure SSL with WebLogic.

For instructions on configuring SSL with WebLogic Server, see the WebLogic documentation:

Overview of Configuring SSL in WebLogic Server

Configuring SSL with Tomcat

This section describes how to configure SSL with Tomcat.

For additional Tomcat information, see Apache Tomcat Configuration Reference at Apache Tomcat.

For additional mod_ssl information, see Apache Module mod_ssl at

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

Processor Security

This section provides information about processor security.

For more information, see Configuring Secure Script Execution in Administering Oracle Enterprise Data Quality.

Encrypting LDAP Connections

Connections from EDQ to an LDAP directory can be encrypted using either an SSL/TLS connection layer or by negotiating encryption after a connection has been established (StartTLS).

Encrypting Database Connections

JDBC URL syntax for connections over TLS is dependent on the database driver being used.

Connections to an Oracle database can be encrypted by adding the following property to the datasource connection pool configuration:

oracle.net.encryption_client = REQUIRED

Limit Concurrent Logins

A limit on the number of concurrent logins by an individual user can be specified in login.properties. The limit applies per application: if sessionlimit is 1, a user can be logged in to Director, Server Console, and Case Management at the same time, but cannot log in twice to any one of them.

This can be configured either globally or on a per realm basis. To set this globally for all realms, use the following line:

sessionlimit = 1

To use different settings for different realms, specify the realm name before the parameter - for example:

internal.sessionlimit = 1

Note:

The line given above limits concurrent logins in the 'internal' realm, meaning the users set up and administered in EDQ itself. For an external realm, use that realm's name as the prefix:

<external realm name>.sessionlimit = 1

Account with Minimal Permissions for Service Integration

An EDQ account used by a remote system such as Siebel or Oracle Data Integrator should have the minimum set of permissions on an EDQ system.

Specifically, the account should be in a custom group with the following permissions only, and no access to log into any user applications or perform any other functions:

  • System / Connect to Messaging System - so that it is authorized to communicate with EDQ web services and JMS.

  • System / System Administration - so that it is authorized to connect to the EDQ Management (JMX) Port and can initiate jobs.

  • Permissions to any projects containing any service interfaces (e.g. web services or jobs) that it needs to be able to call.

Protect JNDI Data Sources

Unless specific steps are taken, a user in EDQ can set up a data store with a reference to the JNDI name of any existing data source and then access data in these schemas, which can contain very sensitive information.

To protect JNDI data sources in EDQ, specify the names (or regular expressions matching the names) in director.properties:

protected.jndi.datasources = <space separated list of JNDI names>

For example:

protected.jndi.datasources = jdbc/edqconfig jdbc/edqresults

The property is a space-separated list of regexes so you could also use:

protected.jndi.datasources = jdbc/edq.*

Note:

When setting this value in the local director.properties, always include the default setting from the base properties file. This setting prevents access to the WebLogic internal data sources as well as the EDQ data sources.
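The Note above describes a failure mode: a local override that leaves out the base defaults removes protection from those data sources. The following is an added example, not Oracle's code, that audits a local director.properties against the base file. It assumes that a local value replaces the base value and that each regex must match the whole JNDI name; the base value and data source names are constructed placeholders.

```python
import re

KEY = "protected.jndi.datasources"

def read_property(text, key):
    """Return the last value assigned to key in .properties text, or None."""
    value = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        name, sep, rest = line.partition("=")
        if sep and name.strip() == key:
            value = rest.strip()
    return value

def audit_override(base_text, local_text, jndi_names):
    """Return (base patterns dropped by the local file, JNDI names left unprotected)."""
    base = (read_property(base_text, KEY) or "").split()
    local_value = read_property(local_text, KEY)
    # Assumption: when the local file sets the property, it replaces the base value.
    effective = base if local_value is None else local_value.split()
    dropped = [p for p in base if p not in effective]
    compiled = [re.compile(p) for p in effective]
    # Assumption: a name is protected only if a regex matches it in full.
    unprotected = [n for n in jndi_names
                   if not any(c.fullmatch(n) for c in compiled)]
    return dropped, unprotected

# Constructed sample input; the base value is a placeholder, not the shipped default.
BASE = "# base properties\nprotected.jndi.datasources = jdbc/edq.* example/internal/.*\n"
LOCAL_BAD = "protected.jndi.datasources = jdbc/hr\n"
LOCAL_OK = "protected.jndi.datasources = jdbc/edq.* example/internal/.* jdbc/hr\n"
NAMES = ["jdbc/edqconfig", "jdbc/hr", "example/internal/ds"]

if __name__ == "__main__":
    for label, local in (("bad", LOCAL_BAD), ("ok", LOCAL_OK)):
        dropped, unprotected = audit_override(BASE, local, NAMES)
        print(label, "dropped:", dropped, "unprotected:", unprotected)
```
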

Blocking the Upload of Malicious Files

To configure the server to block the upload of files according to their names or types, set the following parameters in director.properties.

Parameter Name | Type | Default Value
upload.check.names | Boolean | True. If the value is set to false, no checks are done for the parameter name.
upload.valid.names | Text | A comma or separated list of valid file names.
upload.valid.types | Text | A comma or separated list of Java-recognised MIME file types, such as text/csv, image/bmp, text/plain, etc. For a list of MIME file types, see MIME types. Note: To disable the check (to allow files of any type), set the parameter to an empty value: upload.valid.types =
upload.invalid.names | Text | A comma or separated list of invalid file names.

Note:

The following properties are applicable for upload.valid.names and upload.invalid.names parameters.

  1. Each name in this list is either a suffix (such as .pdf) or a regex prefixed with ~. If a regex is used it is matched against the full name of the file.

  2. A file name is rejected if:

    • upload.valid.names is specified and the file name does not match any of the items in the list.

    • upload.invalid.names is specified and the name matches any of the items in the list.

  3. All checks are case-insensitive.
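The three rules above can be modelled to test a candidate upload.valid.names / upload.invalid.names pair against sample file names before it is deployed. This is an added example, not EDQ's implementation. It assumes list items are separated by commas and/or whitespace, that a regex must match the entire file name, and that upload.check.names = false skips the name checks; the property values and file names are constructed.

```python
import re

def parse_names(value):
    """Split a property value into entries.
    Assumption: commas and/or whitespace separate items, so a regex entry
    containing either character would need a different splitter."""
    return [item for item in re.split(r"[,\s]+", value.strip()) if item]

def entry_matches(entry, filename):
    """Rule 1: an entry is a suffix, or a regex when prefixed with '~'.
    Rule 3: matching ignores case."""
    if entry.startswith("~"):
        # Regex entries are matched against the full file name.
        return re.fullmatch(entry[1:], filename, re.IGNORECASE) is not None
    return filename.lower().endswith(entry.lower())

def upload_allowed(filename, valid_names="", invalid_names="", check_names=True):
    """Rule 2: reject if a valid list exists and nothing in it matches,
    or if an invalid list exists and anything in it matches."""
    if not check_names:
        return True
    valid = parse_names(valid_names)
    invalid = parse_names(invalid_names)
    if valid and not any(entry_matches(e, filename) for e in valid):
        return False
    if invalid and any(entry_matches(e, filename) for e in invalid):
        return False
    return True

# Constructed sample configuration values.
VALID_NAMES = r".csv, .pdf, ~report_[0-9]+\.xlsx"
INVALID_NAMES = r"~.*\.(exe|js|bat)\.[a-z]+"  # executable extension hidden before the last one

if __name__ == "__main__":
    for name in ("Invoice.PDF", "report_2024.xlsx", "old_report_2024.xlsx",
                 "data.csv.exe", "setup.exe.csv"):
        print(name, upload_allowed(name, VALID_NAMES, INVALID_NAMES))
```

The last sample name passes the suffix allow-list on its own and is rejected only because the invalid list is evaluated as well, which is why the two lists are worth configuring together.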