How to change Execute ACL

I need to change the setting for the execute ACL to anonymous for the ediINT receive module. Where do I do that? In the webmethods 6 web console for the IS server? I’m not sure how to change this setting.

Please advise.

_brett.

You change this in the Developer under properties. lock the flow for edit and highlight the middle bottom frame, then look on your upper right and scroll down to Execute - change to Anonymous.

Thanks! That is exactly what I needed to know. My process is working now.

_brett.

Are you comfortable with the security risks of making this service anonymous?

I guess I’m not familiar with the security risk involved. The change allowed some AS2 communication to begin working. If there is another way to have AS2 work without doing that, I’m all ears.

There is a potential risk introduced when making any of the services anonymously executable. It means that anyone can invoke that service without needing to provide credentials. Depending upon what the service does, such ability may or may not be an issue.

Hi brettp,

You may want to wrap the service in another. What i mean by that is to leave the ACL on the ediTN:receive service as it is and create a new service that calls ediTN:receive inside it.

This way you won’t have any sercurity issues.

“This way you won’t have any sercurity issues.”

Not quite true. It still means that anyone can invoke the service. You won’t have credentials issues, but you may indeed have security issues.

If your intention is change ACL permision via integration server service:
use wm.server.access:aclAssign service to confure to a specific ACL group.
aclAssign.png

Hi Ruben,

Thanks much on positing your inputs for such a very old thread (discussion of 2007)…

Your response comment is indeed valuable to be noted in 2020 :)-

Cheers!
RMG

1 Like