Siebel CRM Siebel Security Guide Siebel Innovation Pack 2016, Rev. A E24814-01 |
|
Previous |
Next |
View PDF |
URL-based authentication for authenticating HTTP EAI and HTTP Web service requests through credentials passed as part of the request body or as part of the request URL is no longer supported. The inclusion of credentials in the URL can lead to the inadvertent exposure of user credentials if the user shares a URL as a bookmark.
As of Siebel Innovation Pack 2016, URL-based authentication for any integration with a Siebel application is not supported and it cannot be enabled for any use case. This change has been gradually introduced using the transitional parameter, EnableURLCredentials, which you can add to and set in the eapps.cfg file as follows:
Setting EnableURLCredentials to True in the eapps.cfg file enables the continued use of URL-based authentication for Siebel versions, prior to Siebel Innovation Pack 2016, supporting it.
Setting EnableURLCredentials to False in the eapps.cfg file sets the standard secure setting (and disables URL-based authentication).