CSP Gateway Configuration Guide - InterSystems Documentation

intersystems.com

CSP Gateway Configuration Guide - InterSystems Documentation

CSP Web Gateway Management Page

You can also use wildcards, such as, in this example:

[SYSTEM]

System_Manager=190.8.7.*

The following directive grants access to all clients:

[SYSTEM]

System_Manager=*.*.*.*

However, it is not recommended that such a directive be used on operational systems.

There are shortcomings in using this scheme as a way of protecting the CSP Web Gateway Management page. This scheme

does not provide strong security. To check web clients, the IP address of a client is obtained from the CGI environment

variable REMOTE_ADDR. Client IP addresses can be spoofed.

The use of a proxy between the client and the web server/Gateway installation effectively translates all client IP addresses

to that of the proxy. In this scenario you would have to either specify the proxy’s IP address as a Gateway Systems Manager

(which would effectively grant access to all web users coming in through the proxy) or, preferably, enable the designated

systems managers to bypass the proxy layer altogether.

The IP-based scheme, while useful as a first line of defense, should not be relied upon as the sole means through which

access to the CSP Web Gateway Management page is controlled – certainly not for CSP installations that are available

over the Internet. For production systems it is recommended that you use the hosting web server configuration to control

access to the Gateway systems management modules.

2.1.2 Checking System Status

The System Status option displays the status of all active CSP connections. You must be a system manager to use this

feature.

First Table: Connections to Caché

The first status table (Connections to Caché) displays information on connections to Caché.

Item

Connection Number

Gateway PID

Server Name

IP Address

TCP Port

Caché PID

Status

Activity

Close

Function

Number that the CSP Gateway assigns to the connection.Your Caché license

determines the number of possible connections.

The Gateway (or hosting web server) process ID for the connection.

Name of the Caché system connected to.

IP address of the Caché system.

TCP port on the Caché server through which the connection communicates.

The default port is 1972.

Process ID on the Caché server.

Indicates whether information is being sent to or from the Caché system. If this

column reads Free, no information is being sent and the connection is ready

to process the next request. If it reads In Use, information is being transmitted

through the connection. If it reads Private, the connection is state-aware

(preserve mode 1) and not free for general use.

Number of transactions (hits) the connection has processed.

If available, allows you to forcefully close down the connection by clicking it.

CSP Gateway Configuration Guide 13

More magazines by this user
Similar magazines