Roger, Ok... now we are getting somewhere... :)
I bet that all traffic from the Mid-Tier comes in as Client-Type = "9". So here is what I would suggest: Create a new Group ID that you will use to control who can use the Mid-Tier/WebServices. (Assuming that Web Service calls connect to the ARS server as a "Mid-Tier" client.) Then you should be able to use the ar.conf setting to mostly solve this issue. Add a line like the following to your ar.conf: Disable-Client-Operation: 9 -23:59 <groupID_To_Allow_Mid-tier_access> You will also need to distribute the new Group ID to any 'Login Name' that you want to be able to make WebService calls OR use the Mid-Tier. I think that will limit your exposure to the users using the Mid-Tier would only be the 'Login Name' that you add to this new group. Or you can opt for security via obscurity. :) -- Carey Matthew Black Remedy Skilled Professional (RSP) ARS = Action Request System(Remedy) Love, then teach Solution = People + Process + Tools Fast, Accurate, Cheap.... Pick two. On 3/20/07, Nall, Roger <[EMAIL PROTECTED]> wrote:
At this point yes. We have never used the Mid Tier for reasons I would rather not say. That is going to have change by the end of this year but I would prefer to have a proper rollout of the new process. In the mean time if I could use the Mid Tier for the web service functionality to this new application it would make matters easier. I am thinking that as long as I don't let anyone know that the Mid Tier is available then no one will know how to access it. Roger A. Nall Manager, OSSNMS Remedy T-Mobile USA Desk: 813-348-2556(New) Cell: 973-652-6723 FAX: 813-348-2565 sf49fanv AIM IM RogerNall Yahoo IM -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Carey Matthew Black Sent: Tuesday, March 20, 2007 9:53 AM To: [email protected] Subject: Re: Web Service Newbie Roger, Once your Mid-Tier is configured to talk to your ARS server(s) then all the forms that the user can authenticate and gain access to, should work on the Mid-tier via a supported browser. There are very few exceptions to that general rule. The only way that I could think of to try to prevent your users from being able to use the Mid-tier would be to try to use the ar.conf setting "Disable-Client-Operation" to restrict the use of the Mid-Tier. However that might also prevent inbound WebService calls too. (I am just not sure if it would or not.) You might also try to mangle the Mid-Tier install and remove a few files/configurations of the java Web application to try to prevent users from being able to login via the Mid-tier application. But I also have no idea if that would prevent Web Service Clients from connecting to the Mid-Tier either. Would it be a concern if users were able to use the Mid-tier? -- Carey Matthew Black Remedy Skilled Professional (RSP) ARS = Action Request System(Remedy) Love, then teach Solution = People + Process + Tools Fast, Accurate, Cheap.... Pick two. On 3/20/07, Nall, Roger <[EMAIL PROTECTED]> wrote: > So if I understand this correctly, the Mid - Tier is the client for web services. I do not have to have any forms available for use on the Mid Tier. I would just create the web service and the call of that web service from the external system would use the Mid Tier to pass data to the AR Server. Does that sound about right? > > Thanks, > > Roger A. Nall > Manager, OSSNMS Remedy > T-Mobile USA > Desk: 813-348-2556(New) > Cell: 973-652-6723 > FAX: 813-348-2565 > sf49fanv AIM IM > RogerNall Yahoo IM
_______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
