Require authorization for SOAP requests
Use the glide.basicauth.required.soap property to designate if incoming SOAP requests should require basic authorization.
The glide.basicauth.required.soap system property controls whether basic authentication is required to make a SOAP request to an instance. If glide.basicauth.required.soap is not set to the recommended value of true, then unauthenticated users performing SOAP operations are mapped to the soap.guest user. This may enable an unauthenticated user to perform operations on the instance as if a logged in user to the instance. There may be additional impact if the user define within com.glide.soap.guest_user is assigned additional roles.
Ensure that the property glide.basicauth.required.soap exists in the System Properties [sys_properties] tableand is set to the value true. Alternatively, configure the instance for WS Security by setting the property glide.soap.require_ws_security to true and following the product documentation to configure WS Security Profiles. If the property does not appear in the System Properties [sys_properties] table, add a new record.
More information
| Attribute | Description |
|---|---|
| Configuration name |
|
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value |
|
| Default value | false |
| Fallback value |
|
| Category | API and web service |
| Security risk |
|
| Functional impact | This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
To learn more, see SOAP web service and MID Server authentication credentials and SOAP requests. |
| Dependencies and prerequisites | None |