Additional security options

The application has a wide variety of security options to choose from. Depending on the security requirements of your particular deployment, it might make sense to run the system with all of its security options enabled. Some of the options make the system more secure, but can add complexity to the implementation. All security settings on this page are configured in System Properties > Security.

Remember me login cookie
When you log on to the instance, you have the option to select the Remember me check box on the login screen, which stores a cookie on your browser.

Double-check form submission
When the system determines that a particular field (such as task.number) should not be written to by the current user, the system renders that field in a read-only mode, which is why the number field is not writable on most incidents.

Script sandboxing
There are two cases within the system that allow the client to send scripts to the server for evaluation.

Enable the AJAXEvaluate processor
As was mentioned in the section on script sandboxing, the AJAXEvaluate API call allows the client to send, and execute, arbitrary script on the server.

Apply ACLs to AJAXGlideRecord (client side Glide record)
From within client scripts, it is possible to query arbitrary data from the server via the AJAXGlideRecord (renamed GlideAjax) API, by using syntax similar to a server-side glide record. This is an extremely powerful and useful tool in many deployments. You can set a system property to perform ACL validation when server-side records (for example, tables) are accessed using GlideAjax APIs within a client script.

Mutual authentication
Mutual Authentication establishes trust by exchanging Secure Sockets Layer (SSL) certificates.

Web service security
Web service security is enforced using the combination of basic authentication challenge/response for the HTTP protocol, as well as system-level access control using the Contextual Security Manager. Additionally, there is a set of web service-specific roles that may be granted to the web service user.

WS-security
Support for WS-Security 1.1 in the form of WSS X.509 Token Profile and WSS Username Token Profile is available for incoming SOAP requests.

Related Tasks
Make a page public

Related Concepts
High Security Settings
Certificates
Extended table security
Set security for items and categories
Useful security scripts

Related Reference
General security settings properties