Require Authorization for XSD Requests [Updated in Security Center 1.3]

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • Use the glide.basicauth.required.xsd property to designate if incoming XSD (XML Schema Definition) requests should require basic authentication.

    Ensure the property glide.basicauth.required.xsd exists in the sys_properties table and is set to true.

    More information

    警告:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.
    Attribute Description
    Property name glide.basicauth.required.xsdglide.basicauth.required.xsd
    Configuration type System Properties (/sys_properties_list.do)
    Category API and web service
    Purpose To enforce basic authentication on XSD requests.
    Recommended value true
    Security risk rating 5.3
    Functional impactThis remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while retrieving data from tables/pages in the form of XSD data on the instance.
    • It restricts any guest users who are currently accessing this data. If applicable, you may need to create a new account for users who need access to this content, with necessary access control permissions.

    To learn more, see Non-interactive sessions.
    Security risk (Moderate) Without appropriate authorization configured on the incoming XSD requests, an unauthorized user can get access to sensitive content/data on the target instance.
    References Authentication