OBM access control with initString (SSO)

OBM access control with initString (SSO)

0 Votes

The OO interface of OBM supports automatic runbook execution via the integration user. To configure an OO flow in OBM a trusted relationship is required.

A trusted relationship allows users to login to any other system of the trusted systems domain without any check. Known users of a system can be configured on the other systems. These users are able to logon using the permissions on the destination system. This is a security risk because of missing access control.

In OMi 9 it was possible to modify the initString without effecting the automatic runbook execution.

In OBM 2018.11, if an OO flow is configured using same initString between OBM and OO the automatic runbook execution shows the configuration.

After init string change on OBM the automatic runbook execution shows an incomplete configuration. The OO flow is not visible. The configuration cannot be edited.

The request is to have an option like changing the initString so that the integration is still fully working on OBM but restricting access on OBM for OO.

1 Comment
Micro Focus Contributor
Micro Focus Contributor
Status changed to: Waiting for Votes
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.