Validate query ACLs on Glide DB functions [New in Security Center 7.0]
Control whether query ACLs are applied to Glide DB functions using system properties.
When the glide.db.encoded_query.check_function_field_query_acls system property is set to true, query ACLs (query_range and query_match) are validated by default on these Glide DB functions:
- glidefunction:position
- glidefunction:substring
- glidefunction:concat
- glidefunction:coalesce
- glidefunction:length
To validate these query ACLS on additional functions, add those functions to the glide.db.encoded_query.force_query_range_on_functions system property.
Set the glide.db.encoded_query.check_function_field_query_acls system property to true, or confirm that the property isn’t on the System Properties [sys_properties] list.
More information
| Attribute | Description |
|---|---|
| Configuration name |
|
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type |
|
| Recommended value |
|
| Default value |
|
| Fallback value |
|
| Category | Access control |
| Security risk |
|
| Functional impact | Users may expect to see values from function fields but get blocked due to ACLs enforced on the function fields. |
| Dependencies and prerequisites | None |
To learn more about adding or creating a system property, see Add a system property.