Require authorization for WSDL request
Use the glide.basicauth.required.wsdl property to designate if incoming WSDL (Web Services Description Language) requests should require basic authentication.
If glide.basicauth.required.wsdl system property is not set to the recommended value of true, then Basic Authentication for WSDL requests are disabled. WSDL is a protocol that is used to describe web services such as instance table schemas, and is not a mechanism for sharing the data within tables. Setting this property to true allows for disclosure of table schemas to unauthenticated users.
Ensure the property glide.basicauth.required.wsdl exists in the System Properties [sys_properties] table and is set to true.
Note:
If you choose not to require basic authentication for incoming WSDL requests, you must
modify Access Control (ACL) rules to enable guest users to access the WSDL content.
More information
Warning:
This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.
| Attribute | Description |
|---|---|
| Configuration name | glide.basicauth.required.wsdl |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value | true |
| Default value | <none> |
| Fallback value | false |
| Category | API and web service |
| Security risk |
|
| Functional impact | This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
|
| Dependencies and prerequisites | None |