Jump to: navigation, search
(Created page with "= Configuring security= Web Services adheres to the standards described in the Open Web Application Security Project (OWASP) Top 10 — see the [http://www.owasp.org/index...")
 
(Undo revision 883279 (GAPI-23481) the link is corrected to reflect reorganized structure)
(Tag: Undo)
 
(14 intermediate revisions by 3 users not shown)
Line 1: Line 1:
= Configuring security=
+
= Configuring Security=
Web Services adheres to the standards described in the Open Web Application Security Project (OWASP) Top 10 — see the [http://www.owasp.org/index.php/Main_Page OWASP website] for details about the Top 10 — and has adopted several methods of ensuring security, for example:
+
Genesys Web Services and Applications follows security guidelines to minimize risks as outlined in the {{#Widget:ExtLink|link=https://owasp.org/www-project-top-ten/|displaytext= Open Web Application Security Project (OWASP) Top 10}}. It has adopted several methods of ensuring security, for example:
*Errors are logged locally to prevent information leakage through API requests.
 
 
*User sessions have a timeout option.
 
*User sessions have a timeout option.
 
*Cross Site Request Forgery Protection
 
*Cross Site Request Forgery Protection
 +
{{NoteFormat|
 +
Genesys does not recommend deploying Web Services and Applications with internet accessibility without additional security controls such as IP whitelisting restrictions.}}
  
Web Services includes additional security configurations that you can use with your installation:
+
==Transport Layer Security==
* [[SecuredConnections|Transport Layer Security (TLS)]]
 
* [[SecuredConnectionsSAML|Security Assertion Markup Language (SAML) authentication]]
 
* [[CSRFProtection|Cross-Site Request Forgery (CSRF) protection]]
 
* [[CORS|Cross-Origin Resource Sharing (CORS) filter]]
 
  
For details about how Web Services handles authentication, see [[SecuredConnectionsSAMLHTCCFlow|Web Services authentication flow]].
+
===Docker Compose===
 +
To enable secured endpoint configuration for Web Services and Applications, edit the '''common-env''' file and set '''GWS_HTTPS_ENABLE''' to <tt>true</tt>.
 +
For more details, [[Documentation:HTCC:Dep:SimplifiedLabDeployment|Deployment of Web Services and Applications in Docker Compose]].  
  
==Next step==
+
===Kubernetes===
* [[StartWSA|Starting and stopping Web Services and Applications]]
+
To enable ingress secured endpoint configuration for Web Services and Applications, edit the '''parameters.yaml''' file and set '''entryPoint.external.ingress.tlsEnable''' to <tt>true</tt>.
 +
 
 +
For more details, refer to [[Documentation:HTCC:Dep:InstallingAndDeploying|Deployment of Web Services and Applications in Kubernetes]].
 +
 
 +
[[Category:V:HTCC:9.0.0DRAFT]]

Latest revision as of 20:54, September 28, 2020

Configuring Security

Genesys Web Services and Applications follows security guidelines to minimize risks as outlined in the Open Web Application Security Project (OWASP) Top 10. It has adopted several methods of ensuring security, for example:

  • User sessions have a timeout option.
  • Cross Site Request Forgery Protection
Important
Genesys does not recommend deploying Web Services and Applications with internet accessibility without additional security controls such as IP whitelisting restrictions.

Transport Layer Security

Docker Compose

To enable secured endpoint configuration for Web Services and Applications, edit the common-env file and set GWS_HTTPS_ENABLE to true. For more details, Deployment of Web Services and Applications in Docker Compose.

Kubernetes

To enable ingress secured endpoint configuration for Web Services and Applications, edit the parameters.yaml file and set entryPoint.external.ingress.tlsEnable to true.

For more details, refer to Deployment of Web Services and Applications in Kubernetes.

This page was last edited on September 28, 2020, at 20:54.
Comments or questions about this documentation? Contact us for support!