Whitelisting packages

Package whitelisting is a security measure that controls which packages and classes are allowed to be loaded and executed within an application. This helps ensure that only authorized code runs within the application.

Whitelisting packages in RPM

To whitelist packages in RPM:

  1. Go to /usr/local/openiam/services.
  2. Modify start.sh.
  3. Add the following argument there.
-Dorg.openiam.groovy.extra.whitelist.package=package_name

If you use extra packages in connector Groovy scripts, you may also need to do this for the script connector. In that case, make the same change to start.sh in /usr/local/openiam/connectors.

Redeploy the service to apply the change.
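To review what has actually been whitelisted after the steps above, the following added example (not OpenIAM's own tooling) reports the value of the whitelist argument in each start.sh, and shows when the connector script has not received the same change. The helper names and the sample start.sh contents are constructed for illustration; the value is printed verbatim.

```shell
#!/bin/sh
# Added example: report which extra Groovy packages each start.sh whitelists.
# Regex form of the JVM property named on this page (dots escaped).
PROP_RE='org\.openiam\.groovy\.extra\.whitelist\.package'

# list_whitelisted FILE... (hypothetical helper)
# Prints "file<TAB>value" per occurrence, or "file<TAB>(none)" if absent.
# Commented-out lines are ignored; the value is printed verbatim.
list_whitelisted() {
    for f in "$@"; do
        [ -r "$f" ] || { printf '%s\t(unreadable)\n' "$f"; continue; }
        hits=$(grep -v '^[[:space:]]*#' "$f" |
               grep -o -e "-D${PROP_RE}=[^[:space:]\"']*" || true)
        if [ -z "$hits" ]; then
            printf '%s\t(none)\n' "$f"
        else
            printf '%s\n' "$hits" | while IFS= read -r hit; do
                printf '%s\t%s\n' "$f" "${hit#*=}"
            done
        fi
    done
}

# Constructed sample files (not OpenIAM's real start.sh) so this runs offline.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/services" "$d/connectors"
    cat > "$d/services/start.sh" <<'EOF'
#!/bin/sh
# -Dorg.openiam.groovy.extra.whitelist.package=commented.out
java -Xmx1g -Dorg.openiam.groovy.extra.whitelist.package=java.io -jar service.jar
EOF
    cat > "$d/connectors/start.sh" <<'EOF'
#!/bin/sh
java -jar connector.jar
EOF
    printf '%s\n' "$d"
}

# On a real RPM install, pass the two files named above instead:
#   list_whitelisted /usr/local/openiam/services/start.sh \
#                    /usr/local/openiam/connectors/start.sh
sample=$(make_sample)
list_whitelisted "$sample/services/start.sh" "$sample/connectors/start.sh"
rm -rf "$sample"
```

Keeping the output under change review makes every package opened up to Groovy scripts visible, including ones added only for a connector.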

Whitelisting packages in Docker Compose

To whitelist packages in Docker Compose:

  • Go to the YAML file of the service and change the following line in it.
-Dorg.openiam.groovy.extra.whitelist.package=package_name

To apply the changes, redeploy the service, for example by restarting it.

Whitelisting packages in Kubernetes

To whitelist packages in Kubernetes:

  • Use variables in the Terraform script to add the following argument to the services for which you want to whitelist packages.
-Dorg.openiam.groovy.extra.whitelist.package=package_name

An example of the whitelisting procedure for the java.io package is given in the linked document.