Oracle® Retail Predictive Application Server and Applications Security Guide
Release 14.1.1
E61143-01

3 Securing the Fusion Client

This chapter discusses security for the RPAS Fusion Client.

Factors Affecting Security

Some factors affecting security are Authentication, Single Sign On, Authorization, and Auditing and Error Logging.

Authentication

The application uses an external authentication model based on pluggable authentication providers in the WebLogic Server. This allows the retailer to use authentication providers such as Oracle Internet Directory. Users and groups are configured in the external authentication system, and are mapped to the Fusion Client roles. This can be done in the installer itself (using the input.security.user and input.security.group properties), or it can be done post-install using Oracle Enterprise Manager.

Single Sign On

Fusion Client supports deployment in an SSO environment using perimeter authentication. A gateway component installed in the Web Tier is required to enforce authentication on all requests. The Fusion Client installation process provides an option to deploy the Fusion Client in an SSO-supporting mode. It is necessary that SSO users are also present in the RPAS domain.

For more information, see the Oracle Retail Predictive Application Server Installation Guide.

Authorization

The Fusion Client provides role-based authorization. These roles are Application Development Framework (ADF) roles. The customer needs to map them to their enterprise users and groups as defined in (for example) LDAP. Initially this is done through the installer. Subsequently the Enterprise Manager tool found in the WebLogic application server can be used to administer the role mapping.

Auditing and Error Logging

This section covers auditing and error logging.

Tracking Users

The Fusion Client tracks users as they log in and log out. This is over and above any auditing done inside the customer's identity management product. To enable this, the log4j Category "common.security" is set by default to the INFO level. This provides an audit trail of user login and logout activities.

Error Logging

Error logging is configured in the file log4jConfig.xml that is present in the Fusion Client installation directory. In it the customer specifies the file system location of the log files. The customer also sets the logging levels for various categories (application areas).

The available levels are debug, info and error.

  • Debug produces the most comprehensive logging, and is appropriate for capturing data for reporting defects.

  • Info records a less comprehensive set of error reports. The log files are smaller than at the debug level, while still providing enough information for a first-level analysis of a defect. This is the recommended level for day-to-day use.

  • Error produces the least logging and only records application errors (which might or might not be fatal to the application as a whole).

There are two types of logging in the Fusion Client: a log that reports activities in the overall session (called "rpas_fc.log" by default), and a log where performance times are recorded (called "perf.log" by default). It is possible to change the location and names of these log files by configuration inside log4jConfig.xml.

The default values of the log file locations are not likely to match any location on the customer's file system. The customer must edit these values to point to secure locations.

It is also possible to roll over to new log files on a scheduled timing event, such as at the top of the hour or at the start of a new day. The method to configure such "rolling" logging is described in log4jConfig.xml.
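
The following check is an added example, not part of the Oracle guide or the product. It covers the two points above that an administrator can verify: that "common.security" is at a level that keeps the login/logout trail, and that the configured log files sit in a restricted directory. It assumes log4jConfig.xml follows the standard log4j 1.x XML layout (appender/param/category elements); the sample document and the reading of "secure location" as "no access for other users" are assumptions.

```python
import os
import stat
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample in log4j 1.x XML syntax; the shipped log4jConfig.xml may differ.
SAMPLE = """<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
  <appender name="session" class="org.apache.log4j.DailyRollingFileAppender">
    <param name="File" value="{logdir}/rpas_fc.log"/>
    <param name="DatePattern" value="'.'yyyy-MM-dd"/>
  </appender>
  <category name="common.security"><priority value="{level}"/></category>
</log4j:configuration>"""

def audit_log4j(xml_text):
    """Return findings about the audit-trail level and log directory permissions."""
    findings = []
    root = ET.fromstring(xml_text)
    # The guide ties the login/logout trail to INFO on common.security,
    # so a level of ERROR would drop those records.
    level = ""
    for cat in root.iter("category"):
        if cat.get("name") == "common.security":
            node = cat.find("priority")
            if node is None:
                node = cat.find("level")
            if node is not None:
                level = node.get("value", "").lower()
    if level not in ("info", "debug"):
        findings.append(f"common.security level is '{level or 'unset'}'; expected info or debug")
    # Assumption: a "secure location" is an existing directory with no access for "other".
    for param in root.iter("param"):
        if (param.get("name") or "").lower() != "file":
            continue
        logdir = os.path.dirname(param.get("value", ""))
        if not os.path.isdir(logdir):
            findings.append(f"log directory missing: {logdir}")
        elif stat.S_IMODE(os.stat(logdir).st_mode) & stat.S_IRWXO:
            findings.append(f"log directory accessible to other users: {logdir}")
    return findings

if __name__ == "__main__":
    demo_dir = tempfile.mkdtemp()   # created with mode 0700
    os.chmod(demo_dir, 0o755)       # simulate a permissive location
    for finding in audit_log4j(SAMPLE.format(logdir=demo_dir, level="error")):
        print(finding)
```
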

RPAS Logging within User Session

The Fusion Client has a configuration property called "serverloglevel" whose value dictates the logging level of the RPAS Server process to which the user session is connected. The log file is called "rpas<sessionid>.log" and it is placed under the directory <RPAS-domain>/users/<userid>.

Managing Sensitive Data

The Fusion Client does not store any sensitive data. It is also able to protect itself against click-jacking, cross site scripting, session fixation, and cross site request forgery attacks.

However, sensitive data flows through the Fusion Client as it moves between the browser and the RPAS Server. To protect data in transit, the data is encrypted using SSL on both the front and back end. Setting up front-end SSL is the customer's responsibility. SSL setup on the back end is mandatory.

Passwords

The RPAS Fusion Client uses external authentication and as such relies on the password policies of the external system, such as Oracle Internet Directory (OID), to ensure secure authentication.

Passwords are never stored in the middle tier.

Configuration Post-Installation

There are a few parameters in the Fusion Client that the customer can modify post-install and that have a bearing on the application security profile. They are set to values that provide the maximum security possible. However, these factory settings may not necessarily work well in relation to a specific customer's needs. The following table lists the parameters, explains what they mean, and describes the implications of changing them from the factory settings.

Table 3-1 Factory Settings

| Name | Released Setting | Description |
| --- | --- | --- |
| announcements.update.delivery | Never | This setting determines how often to check for new announcements. If set to never, a check for new announcements is only carried out at login time. If set to onaction, checks are carried out more frequently and can cause some loss of performance. |
| autocreate.concurrent.session | False | Automatically creates a new concurrent RPAS session if set to true. Setting it to true without proper thought can lead to large numbers of abandoned user sessions consuming system resources. |
| commitstatus.polling.interval | 30000 | This is the time in milliseconds that must elapse between polling events issued by the browser to check for commit status changes. Lower values report client status more promptly but degrade performance. |
| guidedlaunch.max.size | 50000 | This is the size in bytes of the data provided in the body of the guided launch request. It should be no larger than the largest guided launch request. |
| location of the images directory | None | The file system location where images of products are stored. Ensure that this location cannot be accessed by unauthorized users. |
| perftiming.enabled | False | This setting enables enhanced logging to capture performance timings. It is useful to diagnose performance issues. It is suggested that it is only enabled when required, as the logging does result in a small performance penalty. |
| printexport.maximum.cells | 200000 | Print/export will work only if the cells in question do not exceed this value in number. Higher values can cause the server to fail with an out-of-memory error. It should be set to the lowest acceptable value. |
| RPAS domain IP address and port number | None | The location of the RPAS domains. Ensure that the values cannot be changed by unauthorized users. |
| serverloglevel | Error | This is the logging level of the RPAS Server. It is set for the duration of the user session. Lower levels collect more information and may be required for tracking defects. However, this can severely degrade performance. It is therefore recommended that the log level is only set to the lower levels when there are repetitive defects to be identified. |
| session.timeout | 35 | This determines how long a session between the browser and the application server should be inactive before expiring. The value is in minutes. It should be set to the smallest value acceptable to users. |