Oracle Commerce Platform components are configured with plain text properties files. You should set access levels on your properties files so they cannot be altered or viewed by unauthorized users. Only site administrators should have read and write permission. The Oracle Commerce Platform must be invoked from an account with these permissions as well. The properties files that contain sensitive information typically reside in each server’s localconfig
directory. The most important properties files to protect include:
Component | Description |
---|---|
| Basic configuration |
| Default configuration for any service that uses SSL |
| Distributed transaction data source |
Note: Multiple versions of this component may exist in your installation; all of them may contain information that should be protected. | JTA participating and pooling data source |
| Checks the POP server for bounced e-mail |
The most important Core Commerce properties files to protect include:
Component | Description |
---|---|
| A distributed transaction |
| A distributed transaction |
These Core Commerce properties files are located in a .jar
file at <ATG11dir>/DCS/config/config.jar
. For more information on ProductCatalogFakeXADataSourceA.properties
and ProductCatalogFAkeXADataSourceB.properties
, refer to the Core Commerce Programming Guide.