Import request authorization (instance security hardening)

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • Use the glide.basicauth.required.importprocessor property to designate if incoming import requests should require basic authentication.

    More information

    Attribute Description
    Property name glide.basicauth.required.importprocessor
    Configuration type System Properties (/sys_properties_list.do)
    Configure in Instance Security Center Yes
    Purpose To enforce basic authentication on import requests.
    Recommended value true
    Functional ImpactThis remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while importing data sources into the instance tables/pages.
    • It restricts any guest users who are currently accessing this data. If applicable, you may need to create a new account for users who need access to this content, with necessary access control permissions.

    To learn more, see Retrieving data from a CSV formatted file.
    Security risk (Medium) Without appropriate authorization configured on the datasource import requests, an unauthorized user can get access to sensitive content/data on the target instance.
    References SOAP web services security SOAP web service

    To learn more about adding or creating a system property, see Add a system property.