Overriding Security Profile Settings

Integration Server 11.1 | Integration Server Administrator's Guide | Setting a Security Profile for Integration Server | Overriding Security Profile Settings

Enabling a security profile can sometimes introduce breaking changes in the existing implementation and Integration Server might not work as expected. Therefore, there might be a need to adjust specific security settings to restore the expected behavior of the server. Similarly, it might be necessary to override certain settings for specific integration scenarios. To override security settings applied using a security profile, Integration Server provides the custom-security.properties file. The file is created when you start an Integration Server instance, and it is initially empty.

A sample custom-security.properties file:

settings.watt.server.password.mode=strict
settings.watt.server.http.X-XSS-Protection=1; mode=block
settings.watt.server.http.enable=false

The settings in custom-security.properties always take precedence over the security profile. However, this is applicable only if a security profile is in use. Otherwise, the settings in custom-security.properties have no effect.

If a profile is in use and you update the server configuration parameter corresponding to a setting in the profile, and restart Integration Server, the parameter resets to the value specified by the profile. Using the custom-security.properties file is the only way to override settings applied by a profile.

If a configuration variables template (application.properties) is in use, the template takes precedence over the security profile and the custom-security.properties file.

To override the security settings applied using a security profile

1. Go to Integration Server_directory\instances\instance_name\config\security.

2. Open the custom-security.properties file, add an entry in the following format, and save the changes to the file.

settings.<server configuration parameter for the security setting>=<value>

For information on the settings that you can override using the custom-security.properties file, see Differences Between Security Profiles. The settings accept the same values as the corresponding server configuration parameter. For information about the allowed values for a setting, see the documentation for the server configuration parameter in Server Configuration Parameters.

3. Restart Integration Server.