Security Best Practices
• Do not allow the adapter to accept plain HTTP requests. The option.no_multispeak_force_https property in the $NMS_CONFIG/jconfig/build.properties file should be commented out. This is the default.
• Require Basic HTTP Authentication to be used instead of passing credentials in the header of MultiSpeak messages. The option.no_multispeak_http_auth property in the $NMS_CONFIG/jconfig/build.properties file should be commented out. This is the default.
• Deploy the MultiSpeak Adapter on a different WebLogic server from the one where the main NMS functionality (cesejb.ear) is deployed.
Note: The MultiSpeak Adapter needs to be re-built using the nms‑install‑config ‑‑java command if the properties above in the $NMS_CONFIG/jconfig/build.properties file are modified.