IBM Support

IBM Content Navigator Documentation: Web Application Firewall for security enhancements

Product Documentation


Abstract

IBM Content Navigator is now deployed with the ESAPI Web Application Firewall.

Content

The ESAPI Web Application Firewall is configured as a servlet filter in front of all IBM Content Navigator web services. An XML policy file contains the rules for the firewall to enforce. These rules can range from simple virtual patching to complex authorization enforcement with BeanShell scripts. The policy file for the firewall is stored in the IBM Content Navigator web application.

The file name of the policy file is install_dir/WEB-INF/ESAPIWafPolicy.xml.

To protect the web application from known security vulnerabilities, you can modify the policy file to add rules and block services. For more information about the structure of the policy file, the individual rules and how they work, and examples, see: Web Application Firewall Policy File Specification.

Restriction: The rule types detect-content and dynamic-insertion are not supported by IBM Content Navigator.

Minimum required version: IBM Content Navigator Version 2.0.3 Fix Pack 5.

[{"Product":{"code":"SSEUEX","label":"IBM Content Navigator"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"2.0.3;3.0.0;3.0.1","Edition":"","Line of Business":{"code":"LOB18","label":"Miscellaneous LOB"}}]

Document Information

More support for:
IBM Content Navigator

Software version:
2.0.3, 3.0.0, 3.0.1

Operating system(s):
AIX, Linux, Windows

Document number:
606537

Modified date:
17 June 2018

UID

swg27045720

Manage My Notification Subscriptions

Page Feedback