Skip to main content
ExLibris
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Making X-server more secure

    • Article Type: General
    • Product: Aleph
    • Product Version: 21

    Desired Outcome Goal:
    Put high level of security on Aleph X-server to prevent unauthorized access to sensitive information

    Procedure:
    There are two level of security that either can be used separately or used combined.

    1) Use $alephe_tab/server_ip_allowed to allow the access to X-server to certain IPs or IP ranges only.

    !-!-!!!!!!!!!!!!!!!>
    X A 10.1.235.*
    X A 10.1.232.115

    After change of server_ip_allowed WWW server should be restarted

    2) In Staff permission function in GUI you should limit the number of X-Server functions allowed to the WWW-X user to a subset of functions that don't involve sensitive data.
    If no user name and password are given when activating the x-service, the default for both is: WWW-X.
    You then can define additional staff users that have permission to use all relevant X-services.

    Please see section 'X-Service Permissions' in page Introduction to Aleph X-Services (https://developers.exlibrisgroup.com/aleph/apis/Aleph-X-Services/introduction-to-aleph-x-services) for information how to use user-name and password when calling up X-services.


    • Article last edited: 5/23/2014