Require authorization for SOAP requests [Updated in Security Center 1.3 and 1.5]
Use the glide.basicauth.required.soap property to designate if incoming SOAP requests should require basic authorization.
The glide property glide.basicauth.required.soap controls whether basic authentication is required to make a SOAP request to an instance. If glide.basicauth.required.soap is not set to the recommended value of true, unauthenticated users performing SOAP operations are mapped to the soap.guest user. This may enable an unauthenticated user to perform operations on the instance as if they were a logged-in user. There may be additional impact if the user defined within com.glide.soap.guest_user is assigned additional roles.
More information
| Attribute | Description |
|---|---|
| Property name | glide.basicauth.required.soap, glide.soap.require_ws_security |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | API and web service |
| Purpose | To enforce authorization for SOAP requests. |
| Recommended value | true |
| Security risk rating | 8.1 |
| Functional Impact | This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control. To learn more, see SOAP web service and MID Server authentication credentials and SOAP requests. |
| Security risk | (Medium) Without appropriate authorization configured on the data source SOAP requests, an unauthorized user can access sensitive content/data on the target instance. |
| References | Authentication |
To learn more about adding or creating a system property, see Add a system property.
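The following audit sketch is an added example, not ServiceNow code: it checks an XML export of the sys_properties table for the two properties named above and, when either is not true, points at the guest user property for a role review. The sample export is constructed, and treating a property that is absent from the export as a finding is an assumption of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a sys_properties XML export; the values are illustrative.
SAMPLE_EXPORT = """<unload unload_date="2024-01-01 00:00:00">
  <sys_properties action="INSERT_OR_UPDATE">
    <name>glide.basicauth.required.soap</name>
    <value>false</value>
  </sys_properties>
  <sys_properties action="INSERT_OR_UPDATE">
    <name>com.glide.soap.guest_user</name>
    <value>soap.guest</value>
  </sys_properties>
</unload>
"""

# Properties named on this page; "true" is the page's recommended value.
REQUIRED_TRUE = ("glide.basicauth.required.soap", "glide.soap.require_ws_security")
GUEST_PROP = "com.glide.soap.guest_user"


def load_properties(xml_text):
    """Return {name: value} for every sys_properties record in the export."""
    props = {}
    for rec in ET.fromstring(xml_text).iter("sys_properties"):
        name = (rec.findtext("name") or "").strip()
        if name:
            props[name] = (rec.findtext("value") or "").strip()
    return props


def audit_soap_auth(xml_text):
    """List findings: a property counts as compliant only if explicitly 'true'."""
    props = load_properties(xml_text)
    findings = []
    for name in REQUIRED_TRUE:
        value = props.get(name)
        if value is None:  # assumption: absent from the export means not set to true
            findings.append(f"{name}: not present in export, set it to true")
        elif value.lower() != "true":
            findings.append(f"{name}: value is {value!r}, recommended value is true")
    # Roles on the guest user only matter while anonymous SOAP is still possible.
    if findings and GUEST_PROP in props:
        findings.append(f"{GUEST_PROP}: review roles assigned to user {props[GUEST_PROP]!r}")
    return findings


if __name__ == "__main__":
    for line in audit_soap_auth(SAMPLE_EXPORT):
        print(line)
```

An empty result means both properties are explicitly true in the export.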