TrueSight IT Data Analytics prevents CSRF attacks by checking the Referer HTTP header of each incoming HTTP request. This header is present in requests that come from browsers. All invalid requests receive an HTTP 403 response.
By default, the product allows only particular requests. For more information, see Security planning. To allow additional requests, you must add rules to the product configuration as described below.
1. Navigate to %BMC_ITDA_HOME%\tomcat\webapps\olaengine\WEB-INF\
2. After the existing <init-param> element, add a new <init-param> element and specify your rule. To understand this, see Example of adding a new rule.

The <init-param> element has two child elements, <param-name> and <param-value>. These elements are explained as follows:

<param-name>: This element must have "pattern" as its prefix.

<param-value>: This element is a set of two regular expressions separated by a space. The first regular expression represents the incoming HTTP requests that are checked. The second regular expression represents what the HTTP header (Referer) must include for those HTTP requests to be allowed.

In this example, a new rule, pattern3, is added after pattern2. Pattern3 allows all requests (represented by .*) in which Referer has http or https followed by the IPv6 address, and where the Console Server port is either 9454 or 9443. Note that in pattern3, <IPv6 address of your machine> refers to a variable value that denotes the IPv6 address of the server on which the product is installed.
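The Referer-check logic these rules describe, as an added Python example that is not part of the product's code: the rule names other than pattern3, the IPv6 address 2001:db8::10, the hostname itda.example.com and the paths are constructed placeholders, and the example assumes each regular expression must match its whole input and that a request without a Referer header is rejected.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed stand-in for the web.xml <init-param> entries: each rule name
# carries the "pattern" prefix and each value is "<request regex> <Referer regex>".
# The IPv6 address, hostname, ports and paths are placeholders for this example.
INIT_PARAMS: Dict[str, str] = {
    "someOtherParam": "ignored",  # not a CSRF rule: no "pattern" prefix
    "pattern1": r"/olaengine/rest/.* https?://itda\.example\.com:9443/.*",
    # pattern3 as described above: any request (.*) whose Referer is http or
    # https, the server's IPv6 address and Console Server port 9454 or 9443.
    "pattern3": r".* https?://\[2001:db8::10\]:(9454|9443)/.*",
}

Rule = Tuple[str, re.Pattern, re.Pattern]


def load_rules(params: Dict[str, str]) -> List[Rule]:
    """Compile every 'pattern*' init-param into (name, request_re, referer_re)."""
    rules: List[Rule] = []
    for name, value in params.items():
        if not name.startswith("pattern"):
            continue
        parts = value.split(" ", 1)  # the single space separates the two regexes
        if len(parts) != 2:
            raise ValueError(f"{name}: value must hold two space-separated regexes")
        rules.append((name, re.compile(parts[0]), re.compile(parts[1])))
    return rules


def check_request(rules: List[Rule], path: str, referer: Optional[str]) -> Tuple[int, Optional[str]]:
    """Return (HTTP status, name of the rule that allowed the request).

    Assumptions: a rule allows the request only if both regexes match their
    whole input, and a request without a Referer header is always rejected.
    """
    if referer is None:
        return 403, None
    for name, req_re, ref_re in rules:
        if req_re.fullmatch(path) and ref_re.fullmatch(referer):
            return 200, name
    return 403, None  # no rule allows it: same outcome as the product's 403


if __name__ == "__main__":
    rules = load_rules(INIT_PARAMS)
    print(check_request(rules, "/olaengine/search", "https://[2001:db8::10]:9454/olaengine/"))
    print(check_request(rules, "/olaengine/search", "https://other.example/olaengine/"))
```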