instance security hardening - glide.security.url.whitelist - need details for this system property
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-09-2023 03:55 AM
glide.security.url.whitelist - created this system property (snapshot attached) to check its nature of operation but turned out as a fail. When logout from the admin user or a newly created user from the PDI, its not working as expected (enforces validation on logout page). Its redirecting to this page 'https://devXXXXXX.service-now.com/navpage.do'. But, the whitelist doesn't contain this URL. I wonder where it goes wrong. It would be great if someone expert in this could help out. And also if its working, like throwing error or blocking the redirect to malicious site, how to handle it. Thanks.
- Labels:
-
Security Operations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-11-2023 02:22 PM
Hi there - I would recommend posting in the Platform Privacy & Security forum to get a response there. In the meantime, the following product documentation may be helpful for you:
URL allow list for logout redirects (instance security hardening)
Multi-SSO (SAML 2.0) errors and fixes
Redirect single sign-on (SSO) logins
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-11-2023 10:46 PM
Thanks for your guidance. I appreciate it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-11-2023 10:55 PM
Thanks for you guidance. I appreciate it.