ONE Desktop ONE DQ&C ONE MDM ONE RDM ONE Runtime Server
latest (15.4.0) 15.3.0 15.2.0 15.1.0 14.5.x 13.9.x 13.8.x 13.7.x 13.6.x 13.5.0 13.4.x 13.3.x 13.2.x
User Community Service Desk Downloads
If you can't find the product or version you're looking for, visit support.ataccama.com/downloads

Configuring Native Services

A native service endpoint is a definition of a location where native services are available. The definition consists of the protocol and format. MDM supports different types of protocols and formats (see Native Services, section Endpoints for more information).

In this version, native services available on HttpEndpoint in both SOAP and XML formats are not secured by default and additional configuration must be used. This also applies to SOAP services configured as part of the MDM solution in the so-called Online Services.

Which endpoints are affected depends on how your solution is implemented.For example, this can include the following endpoints:

  • MDM Native Services: /soapOverHttp, /xmlRcpOverHttp

  • Online Services: /soapServices

To mitigate the issue, we recommend upgrading to 13.8.0. In case this is not a viable option, we recommend assessing the risk and reviewing and updating the MDM solution configuration, as described in the following sections.

Ataccama PaaS environments are not affected by this issue.

MDM Native Services

Depending on whether you are using native services, proceed with one of the following options.

  1. The MDM solution does not use native services. In this case, you need to disable the affected endpoints in one of the following ways:

    1. Disable services on HTTP server level (that is, for all used server ports). Follow the instructions provided in HTTP Server Configuration and list the endpoints in the ataccama.server.http.default.path.exclude property. For example: ataccama.server.http.default.path.exclude=/soapOverHttp/,/xmlRpcOverHttp/.

    2. (Recommended) Disable native services in MDM configuration. Follow the instructions provided in Configuring Native Services to access Endpoints Definition. Make sure to clear all services and endpoints.

  2. The MDM solution uses native services. You need to configure nme-security.xml and reference it in the nme-config.xml configuration file.

    1. Edit the nme-security.xml file so that access is authorized to all exposed endpoints. For more information, see [configuration:security-and-audit], section Authorization.

      If you are reusing the nme-security.xml file from the MDM example project, exclude the line UmcRoleValidator.

    2. Verify that the nme-config.xml configuration file references the nme-security.xml file. For more information, see MDM Engine Configuration File.

ONE Runtime Server Online Services

The issue occurs only when the soapServices endpoint name is used. To remediate the problem, rename the endpoint to any other value (*.online file).

Adding a native service endpoint

To add a new native service endpoint:

  1. Go to Services (double-click) and switch to the Endpoints Definition tab.

  2. Select Add and choose an endpoint protocol (this guide describes the HTTP endpoint).

    Services endpoint settings tab

  3. Double-click the newly added endpoint to edit the properties.

  4. Choose the Service format. SOAP is recommended as it provideas you with the WSDL of native services.

  5. Fill in the Endpoint Path Prefix to define the address where native services will be available for clients. The following example makes them available via the HTTP protocol in the SOAP format on the address localhost:<all_mdm_ports>/soapOverHttp.

Keep in mind that the Listener Names field is deprecated and will be removed. Services are available on all server ports as defined in application properties.

Enabling native services

  1. Double-click the Services node in your MDM project.

    Services node in MDM Project

  2. Add the services that you need according to the following guidelines.

Consolidation and general services

On the Consolidation and General Services tab, you can configure the services that are available for the MDM consolidation hub.

Consolidation and General Services tab

Basic services

In the Basic Services section, select the service to enable it.

Configurable services

In the Configurable Services section:

  1. Select Add and choose a service.

  2. Double-click the created service and configure it (use tooltips as necessary).

Generate and deploy the services configuration file

After you have added all endpoints (and enabled services), right-click Services in the project tree, select Generate…​ and then Generate.

This updates the XML configuration in Files > etc > nme-services.gen.xml. For the changes to take effect, deploy the configuration file to the application server running MDM and restart the MDM server.

Was this page useful?