« Security (Cloud) » : différence entre les versions
Aucun résumé des modifications |
|||
| Ligne 13 : | Ligne 13 : | ||
===Application code=== | ===Application code=== | ||
When a Sage FRP 1000 solution is deployed as a Cloud Solution or is deployed with Internet access, the Application Code is executed in a restricted mode. | |||
In restricted mode : | |||
* The system API is sand boxed. | |||
: This concern all api calls and functions which access to the file system, the registry, the shell execution (which is disabled). | |||
* The SQL API is disabled. | |||
: This concern all api calls and functions which permit execution of arbitrary SQL statements. In this mode the Application MUST works in a strictly object oriented access using framework object primitives. The QueryBroker and the SQL translators are disabled. | |||
* The database API is disabled | |||
: This concern all api calls and function which enable switching between databases. In this mode only one production database is view by the Application code and functions which expose database details, like the database URL, are disabled. | |||
* The repository access is restricted. | |||
: This concern all api and function which access to the reprository classes, repository classes are not exposed. | |||
===API Accesses=== | ===API Accesses=== | ||
Version du 27 février 2017 à 10:18
Overview
HTTP accesses
Identity management
Secret management
Networking
Virtual machines
Application code
When a Sage FRP 1000 solution is deployed as a Cloud Solution or is deployed with Internet access, the Application Code is executed in a restricted mode.
In restricted mode :
- The system API is sand boxed.
- This concern all api calls and functions which access to the file system, the registry, the shell execution (which is disabled).
- The SQL API is disabled.
- This concern all api calls and functions which permit execution of arbitrary SQL statements. In this mode the Application MUST works in a strictly object oriented access using framework object primitives. The QueryBroker and the SQL translators are disabled.
- The database API is disabled
- This concern all api calls and function which enable switching between databases. In this mode only one production database is view by the Application code and functions which expose database details, like the database URL, are disabled.
- The repository access is restricted.
- This concern all api and function which access to the reprository classes, repository classes are not exposed.