Encoding credentials in URLs

You can control whether the credentials passed in an IBM® Business Process Manager URL that implements redirect-login.jsp are encoded. You can encode credentials in a URL that is used, for example, to start a service directly from IBM Process Designer.

Before you begin

Verify the following components are stopped before completing this task:

IBM Process Center Server
IBM Process Server

About this task

To control encoding, use the <encode-redirect-url-credentials> property in the 00Static.xml file, which you can find in the following directory: PROFILE_HOME\config\cells\cell_name\nodes\node_name\servers\server_name\process-server\config\system.

To make changes to the configuration, you must copy content from the 00Static.xml file to the 100Custom.xml file. For information about the individual 100Custom.xml files that need to be updated and their locations, see the topic "The 99Local.xml and 100Custom.xml configuration files."

Important: Make all required modifications to the 100Custom.xml file. Do not edit the 00Static.xml file.

Procedure

Open the 00Static.xml file in a text editor.
In the 00Static.xml file, copy each property you want to change.
Open the 100Custom.xml file in a text editor. For information about the individual 100Custom.xml files that need to be updated and their locations, see the topic "The 99Local.xml and 100Custom.xml configuration files."

Paste the following properties from the 00Static.xml file into the 100Custom.xml file.

<authoring-environment merge="mergeChildren">
	<encode-redirect-url-credentials merge="replace">true</encode-redirect-url-credentials>
</authoring-environment>

Modify the value of the <encode-redirect-url-credentials> property. By default, this property is set to true so that credentials passed in an IBM BPM URL are encoded. If you change the setting to false, the URL is composed with credentials in plain text.
Save your changes.
Start IBM Process Center Server and Process Server.