Jump to: navigation, search
Line 11: Line 11:
 
To enable Ingress secured endpoint configuration for Web Service and Applications, the customer perform changes in the Environment File during the deployment. While editing the '''parameters.yaml''' file, the '''ingressTlsEnable''' variable is set as '''true''' to enable TLS.
 
To enable Ingress secured endpoint configuration for Web Service and Applications, the customer perform changes in the Environment File during the deployment. While editing the '''parameters.yaml''' file, the '''ingressTlsEnable''' variable is set as '''true''' to enable TLS.
  
For more details, refer to [[Documentation:HTCC:Dep:ConfigurationPremise|Configuring Web Services and Applications]].
+
For more details, refer to [[Documentation:HTCC:Dep:ConfigurationPremise|InstallingAndDeploying]].
  
 
[[Category:V:HTCC:9.0.0DRAFT]]
 
[[Category:V:HTCC:9.0.0DRAFT]]

Revision as of 09:05, February 5, 2020

Configuring security

Web Services adheres to the standards described in the Open Web Application Security Project (OWASP) Top 10 — see the OWASP website for details about the Top 10 — and has adopted several methods of ensuring security, for example:

  • Errors are logged locally to prevent information leakage through API requests.
  • User sessions have a timeout option.
  • Cross Site Request Forgery Protection

Transport Layer Security

Transport Layer Security (TLS) is available only in Kubernetes-based deployment. This is not available in Docker Compose-based deployment.

To enable Ingress secured endpoint configuration for Web Service and Applications, the customer perform changes in the Environment File during the deployment. While editing the parameters.yaml file, the ingressTlsEnable variable is set as true to enable TLS.

For more details, refer to InstallingAndDeploying.

Comments or questions about this documentation? Contact us for support!