Encoding credentials in URLs

You can control whether the credentials passed in an IBM® Business Process Manager URL that implements redirect-login.jsp are encoded. For example, you can encode credentials in a URL that is used to start a service directly from IBM Process Designer.

Before you begin

Verify the following components are stopped before completing this task:
  • IBM Process Center Server
  • IBM Process Server

About this task

To control encoding, use the <encode-redirect-url-credentials> property in the 00Static.xml file, which you can find in the following directory: PROFILE_HOME\config\cells\cell_name\nodes\node_name\servers\server_name\process-server\config\system.

To make changes to the configuration, you must copy content from the 00Static.xml file to the 100Custom.xml file is located in the PROFILE_HOME\config\cells\cell_name\nodes\node_name\servers\server_name\process-server\config\100Custom.xml file.
Important: Make all required modifications to the 100Custom.xml file. Do not edit the 00Static.xml file.

Procedure

  1. Open the 00Static.xml file in a text editor.
  2. In the 00Static.xml file, copy each property you want to change.
  3. Open the 100Custom.xml file in a text editor.
  4. Paste the following properties from the 00Static.xml file into the 100Custom.xml file. 
    <authoring-environment merge="mergeChildren">
	<encode-redirect-url-credentials merge="replace">true</encode-redirect-url-credentials>
</authoring-environment>
  5. Modify the value of the <encode-redirect-url-credentials> property. By default, this property is set to true so that credentials passed in an IBM BPM URL are encoded. If you change the setting to false, the URL is composed with credentials in plain text.
  6. Save your changes.
  7. Start IBM Process Center Server andProcess Server.
Parent topic: Managing IBM Business Process Manager configuration settings