MxLoader

 View Only

  • 1.  Prevent Use of MxLoader for a Specific Environment

    Posted 12-07-2021 09:43

    Hi All,

    Is there a way to prevent someone from using MxLoader to load data into a specific environment? For example, I want to allow data loading into development, training, and test environments, but not the production environment. Can this be controlled via a security group? Or is there a different approach?

    Thanks

    Stevie



    ------------------------------
    Stevie Holloway
    Tufts University
    ------------------------------


  • 2.  RE: Prevent Use of MxLoader for a Specific Environment
    Best Answer

    Posted 12-07-2021 10:40
    At the end of the day, your users would need access to the object structures. If your users do not have access to the object structures in PROD then they would not be able to utilize them. Not all object structures have security configured by default so some can be used by anyone with credentials by default. You can enforce object structure security by enabling the mxe.int.enableosauth system property. If an object structure doesn't have security configured on it (either an app or object structure specific security) then it won't be usable. 

    That being said, the new Maximo UI frameworks (Work Centers & Graphite application framework) as well as most mobile solutions (including Maximo Anywhere & Maximo Mobile) utilize object structures so if you use them your users will need access to at least some of the object structures. In that scenario I don't think it's currently possible to prevent MXLoader.

    ------------------------------
    Steven Shull
    IBM
    ------------------------------

    Original Message


  • 3.  RE: Prevent Use of MxLoader for a Specific Environment

    Posted 12-08-2021 10:27
    Thank you for the information.

    Stevie

    ------------------------------
    Stevie Holloway
    Tufts University
    ------------------------------

    Original Message


  • 4.  RE: Prevent Use of MxLoader for a Specific Environment

    Posted 12-09-2021 09:43
    As luck would have it, I'm subscribed to IBM Notifications and this came into my inbox yesterday.

    How to configure Object Structure Security

    ------------------------------
    Stevie Holloway
    Tufts University
    ------------------------------

    Original Message


  • 5.  RE: Prevent Use of MxLoader for a Specific Environment

    Posted 09-19-2023 15:54

    Stevie,  Long time no see (at GDIT Montgomery), but I ran across your post here.

    This may be helpful to you from the approach of securitying connections like MXLoader for example.

    Question

    How to manage security on Object Structures to prevent users from modifying data with HTTP servlets?

    Answer

    In the Object structures application there are two ways to manage security:

    1) Application-level authorization

    Menu - Object Application Authorization: In the Authorized Application field, specify the application to authorize.

    To restrict access to the object structure, do not grant access to the application listed in this option.

    2) Object structure-level authorization. Feature starting in version 7.6.0.5.

    Enabled with System property mxe.int.enableosauth
    a) mxe.int.enableosauth=1 means that authorization must be configured for the object structure - In the Object Structure application - Menu Configure Object Structure Security. The object structure behaves like an application with this configuration - you can't use it unless granted authorization.
    b) mxe.int.enableosauth=0 means that authorization configuration is not required in the Object Structure application.


    https://www.ibm.com/support/pages/mif-object-structure-authorization

    My current Maximo project uses this approach along with others.

    Stay Safe Mr. Stevie !




    ------------------------------
    Joe Fullington
    CGI Technologies and Solutions Inc.
    ------------------------------

    Original Message


Related Content