Protecting against clickjacking

If you integrate Network Manager web applications into your own product, be aware that the integration will not be able to display the Database Access GUI and the Discovery Configuration GUI, due to a protective filter implemented within Network Manager. These two GUIs contain sensitive information; preventing integration of these two GUIs protects you against clickjacking, whereby an intruder creates a GUI overlay to capture data. You can disable the filter; however. this is not recommended.

The filter is implemented using the tnm.enableClickjackProtection property in the tnm.properties file.
Note: If this property is not present in the file then filtering is enabled by default.
  1. Back up and edit the $NMGUI_HOME/profile/etc/tnm/tnm.properties file.
  2. Find the entry tnm.enableClickjackProtection=true.
  3. Change the entry to tnm.enableClickjackProtection=false.
    Note: If this property is not present in the file then type: tnm.enableClickjackProtection=false.