ATG components are configured with plain text properties files. You should set access levels on your properties files so they can’t be altered or viewed by unauthorized users. Only site administrators should have read and write permission. ATG must be invoked from an account with these permissions as well. The properties files that contain sensitive information typically reside in each server’s localconfig
directory. The most important properties files to protect include:
Component | Description |
---|---|
| Basic configuration for ATG |
| Default configuration for any service that uses SSL |
| Distributed transaction DataSource |
Note: Multiple versions of this component may exist in your installation; all of them may contain information that should be protected. | JTA participating and pooling DataSource |
| Checks the POP server for bounced e-mail |
The most important ATG Commerce properties files to protect include:
Component | Description |
---|---|
| A distributed transaction |
| A distributed transaction |
These ATG Commerce properties files are located in a .jar
file at <ATG10dir>/DCS/config/config.jar
. For more information on ProductCatalogFakeXADataSourceA.properties
and ProductCatalogFAkeXADataSourceB.properties
, refer to the ATG Commerce Programming Guide.