Attachment Security
NMS supports performing various validations on attachments (such as for switch plans and damage assessments). The validations are controlled by the following setting in CentricityServer.properites:
# This is the validator that should be used to validate attachments. Multiple validators can be configured.
# Custom validators can be used to integrate with an external malware scanner.
# All scanners must implement com.splwg.oms.common.ejbaccess.AttachmentValidator
# To disable the whitelist, comment or remove the following line:
attachment_validator = com.splwg.oms.server.util.ExtensionAttachmentValidator
The default validator will compare the attachments against a list of valid extensions. The extensions are defined in CentricityTool.properties:
# This is a list of file types that are allowed to be uploaded to NMS
allowed_extensions = jpg, jpeg, gif, png, pdf, txt, doc, docx, xls, xlsx, mp4, avi, odt, ott, oth, odm, ods, ots, odp, odg, otp
Project specific validators can also be configured, such as for virus scanning. They should implement com.splwg.oms.common.ejbaccess.AttachmentValidator.