Try OpenEdge Now
skip to main content
Server Administrator's Guide
Business Process Server web security : Configuring web security : XSRF configuration for web security : XSRF config handler configuration
XSRF config handler configuration
XSRF supports multiple handlers' configurations with each handler having its own configuration file.
The default handler configuration, the below property is used, if there is no handler configured while integrating with the portal.
To define a new configuration:
1. Prefix all the properties to the configuration with websecurity.xsrf.handler.config.<configname>.propertyName=propertyValue.
All the properties configured with the associated handler config name is accessed using the API.
2. Each handler configuration must have at least the following two entries.
a. websecurity.xsrf.handler.config.default.handlerfactory
This property contains the name of the implementation class for com.savvion.sbm.websecurity.xsrf.api.IXSRFHandlerFactory interface.
b. websecurity.xsrf.handler.config.default.configfile
Caution: This property contains the name of the config file. The configured file must be in the classpath.
The default XSRF configuration can be found in bmxsrfconfig.xml under OEBPS_HOME/conf directory.