Below is the example of using the SetMbSec operation to change security policy settings. The request contains a list of changed password policy and access protocol settings. The response contains the updated list of all security policy and access protocol settings.
{
"SetMbSec" :
{
"tMbSec" :
{
"id" : "S1!M"
},
"tArg" :
{
"pattern" :
{
"policy" :
{
"passwordPolicy" : "true",
"settings" : "true"
}
},
"meta" :
{
"policy" :
{
"passwordPolicy" :
{
"minLength" : "5",
"requireDifferentChars" : "true",
"requireDifferentLetterCase" : "true",
"forbiddenStrings" :
{
"s" :
[
"admin",
"user",
"qwerty"
]
},
"checkForbiddenStrings" : "true",
"historyLength" : "5"
},
"settings" :
{
"allowedDocumentFormats" :
{
"s" :
[
"XLS",
"DOC",
"PDF"
]
},
"screenshotWithoutSecurity" : "true",
"copyToClipboardAllowed" : "false",
"forceCleanMemory" : "true",
"maxFailedLogons" : "10"
}
}
},
"metaGet" :
{
"pattern" :
{
"policy" :
{
"passwordPolicy" : "true",
"settings" : "true"
}
}
}
}
}
}
{
"SetMbSecResult" :
{
"id" :
{
"id" : "S1!M"
},
"metaGet" :
{
"id" :
{
"id" : "S1!M"
},
"meta" :
{
"policy" :
{
"passwordPolicy" :
{
"minLength" : "0",
"minAge" : "0",
"maxAge" : "0",
"restrictUserName" : "0",
"restrictFullUserName" : "0",
"requireDifferentChars" : "0",
"uniquenessDegree" : "0",
"requireDifferentLetterCase" : "0",
"forbiddenStrings" : "",
"checkForbiddenStrings" : "0",
"maxRepeatedCharCount" : "0",
"historyLength" : "0",
"hashing" :
{
"isON" : "0",
"excludeAdmin" : "0"
},
"requireDigitsAndChars" : "0",
"requireNonAlphabeticChars" : "0",
"warningMaxAge" : "0"
},
"settings" :
{
"objectsIdFormat" : "",
"allowedDocumentFormats" : "",
"mandatoryAccessControl" : "None",
"restrictAdminAccess" : "0",
"restrictIsaAccess" : "0",
"restrictUserDeletion" : "0",
"restrictGroupDeletion" : "0",
"discretionaryAccessControl" : "1",
"attributeBasedAccessControl" : "0",
"methodsCombineAlgorithm" : "Default",
"supportUserPrivateFolder" : "1",
"screenshotWithoutSecurity" : "0",
"copyToClipboardAllowed" : "1",
"auditClipboardOperations" : "1",
"allowUserQueries" : "1",
"forceCleanMemory" : "0",
"enforceApplicationRole" : "0",
"checkUserPassword" : "0",
"allowCreateUserGrant" : "0",
"lockIdentifiersPeriod" : "0",
"autoLockPeriod" : "0",
"createDeferredSubjects" : "0",
"maxFailedLogons" : "0",
"failedLogonsCounterResetPeriod" : "0",
"isaPresent" : "0",
"chkObjVerOnUpdFromPef" : "0",
"mbId" : ""
}
},
"bisearchEnable" : "Full",
"apply" :
{
"onCredentialsRequired" :
{
"logonParams" :
{
"descr" : "Enter user name and password of the user who has permissions to create tables in the 'Database' database",
"realm" : "OBJ21909",
"toAdmin" : "1",
"logonData" :
{
"driver" : "MSSQL2012",
"server" : "v-nrspo-mssql.dev.fs.fsight.world",
"database" : "Warehouse"
}
}
}
}
}
}
}
}
public static SetMbSecResult ChangeSecuritySettings(string mb)
{
var somClient = new SomPortTypeClient(); //Proxy object for operation execution
//Operation execution parameters
var setMbSec = new SetMbSec()
{
tArg = new SetMbSecArg()
{
//Operation execution pattern
pattern = new MbSecMdPattern()
{
policy = new MbSecPolicyPattern()
{
passwordPolicy = true,
settings = true
}
},
//Metadata with new security policy parameters
meta = new MbSecMd()
{
policy = new MbSecPolicy()
{
passwordPolicy = new MbSecPasswordPolicy() //Password policy
{
minLength = 5, //Minimum password length
requireDifferentChars = true, //Deny password consisting of equal characters
requireDifferentLetterCase = true, //Deny password consisting of letters of one case
checkForbiddenStrings = true, //Check password for forbidden strings
forbiddenStrings = new string[3] { "admin", "user", "qwerty" },
historyLength = 5 //Number of old passwords, with which the new one cannot match
},
settings = new MbSecPolicySettings() //Access control
{
allowedDocumentFormats = new string[3] { "XLS", "DOC", "PDF" }, //Allowed document formats
screenshotWithoutSecurity = true, //Display extra-large icons without taking into account access permissions
copyToClipboardAllowed = false, //Deny copy to clipboard
forceCleanMemory = true, //Clean memory
maxFailedLogons = 10 //Maximum number of password failures
}
}
},
//Parameters for updating information after operation execution
metaGet = new GetMbSecArg()
{
pattern = new MbSecMdPattern()
{
policy = new MbSecPolicyPattern()
{
passwordPolicy = true,
settings = true
}
}
}
},
//Repository moniker
tMbSec = new MbId() { id = mb }
};
//Change security policy
var result = somClient.SetMbSec(setMbSec);
return result;
}
See also: