Ponton X/P 2.3 ? Installation and Configuration Guide

More documents

Recommendations

Info

6.5 Access to the Administration Tool Advanced Configuration This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses. By default only the HttpListener and the SoapListener are open to anyone. All other components are restricted to only local and private IP addresses. If you try to access any of these components from a non authorized IP address, you will get an Error 403 – Access denied. The authorized IPs are by default 127.0.0.1 192.168.0.0 – 192.168.255.255 10.0.0.0-10.255.255.255 172.16.0.0-172.16.255.255 169.254.0.0-169.254.255.255 Note: Clearly, access restrictions to your Messenger system may also be defined by means of appropriate firewall settings. Within the Ponton XP/Tomcat configuration, access is defined by means of so-called security valves, any number of which may be specified. These security valves can restrict access from certain addresses/address spaces or to specific components of the Ponton XP system such as the Messenger, the Listener, the administration tool, the adapter interface, etc. The relevant access settings are specified in the Tomcat configuration file as follows. [installation root]/tomcat-4.1.27/conf/server.xml By default you will see the following line at the end of the server.xml: allow="127\.0\.0\.1,192\.168\..*,10\..*,172\.16\..*, 169\.254\..*" pattern="/pontonxp/private/.*,/pontonxp/index.*, /pontonxp/Mess…" This will restrict the access to Admintool and Adapter-Service to just private IP networks. The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility. These expressions have to be separated by commas. Characters in regular expressions have the following meaning: . – any character will match Ponton X/P 2.3 – Installation and Configuration Guide 70
Advanced Configuration \ – escape character that causes the following character to be treated just as a regular character. * – the previous character can exist many times. Example: 192\.168\..* will cover IPs 192.168.0.0 to 192.168.255.255. An unlimited number of SecurityValve definitions can be defined. They will be used in the order they appear in the configuration. On each access to the webserver, it will check all the SecurityValves if the requested URL matches the pattern of a definition. If that is the case then the IP will be checked. All the definitions that have a matching pattern will be considered to the access check. If just one of them denies the IP, then the check is stopped and the request is denied. 6.6 Content Rules You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope). The content rules are defined specifically for each partner agreement. To create a new content rule go to Configuration → Agreements and choose the agreement you want to modify (i.e. the relevant local and remote partner). Then open the Rules tab and click on Create New Rule. Ponton X/P 2.3 – Installation and Configuration Guide 71
Page 1 and 2:
Messenger Installation and Configur
Page 3 and 4:
6.6 CONTENT RULES .................
Page 5 and 6:
1 Introduction 1.1 About Ponton X/P
Page 7 and 8:
Introduction Synchronous or asynchr
Page 9 and 10:
3 Installing Ponton X/P 2.3 3.1 Min
Page 11 and 12:
Installing Ponton X/P 2.3 Installat
Page 13 and 14:
Quick-Starting the Software Note: S
Page 15 and 16:
Quick-Starting the Software Configu
Page 17 and 18:
Quick-Starting the Software If you
Page 19 and 20: Notes Quick-Starting the Software
Page 21 and 22: Quick-Starting the Software In any
Page 23 and 24: Call up the Test Adapter from the m
Page 25 and 26: Quick-Starting the Software To chec
Page 27 and 28: Configuration Options above. You ca
Page 29 and 30: Message Queue Scan Interval Configu
Page 31 and 32: E-mail Configuration By setting up
Page 33 and 34: Configuration Options configuration
Page 35 and 36: For defining subject elements you c
Page 37 and 38: Configuration Options When you rece
Page 39 and 40: Configuration Options The Archive F
Page 41 and 42: Configuration Options You can also
Page 43 and 44: Configuration Options Finally, clic
Page 45 and 46: Configuration Options Ponton X/P 2.
Page 47 and 48: Configuration Options Note: Please
Page 51 and 52: Transport Certificates Transport ce
Page 53 and 54: Configuration Options This leads yo
Page 55 and 56: Communication Configuratio
Page 59 and 60: Configuration Options Each HFA regi
Page 61 and 62: Configuration Options If you activa
Page 63 and 64: 5.7 User Administration Two types o
Page 65 and 66: Advanced Configuration You can add
Page 67 and 68: Advanced Configuration Further, a m
Page 69: Advanced Configuration When the Lis
Page 73: Tomcat Settings Advanced Configurat
show all

Ponton X/P 2.3 ? Installation and Configuration Guide

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?