How to lock Hybris to Initialize System on Production Environment - sap-commerce-cloud

Is there any way to lock Hybris by Initializing System accidentally on Production Environment. It is too risky if some one mistakenly click on initialize button.

We can use this setting in our local.properties on the production system to avoid the running system from being initialized accidentally from the administration page:
system.unlocking.disabled=true
Hybris highly recommend to use this setting once you have your system up and running.

As I answered here, let me tell other ways to achieve this.
Lock the system initialization using properties
To lock the system for initialization and update add the unlocking (system.unlocking.disabled=true) properties to your local.properties file and rebuild your system.
Block/Redirect URL from the web server
If you have a web server in place for admin console, You can block or redirect /hac/platform/initURL to some dummy URL(/hac/platform/NOinit) from the web server itself. Do the google for your web server configuration for the same.
Change request mapping in Hybris HAC(Not recommend):
HAC request mapping is done by defaultHacConfiguration.json file. You can change the request mapping itself.
{
"path" : "/NOinit",
"label" : "initialization",
"skipPrefix" : false
}
Refer the detailed post here

Related

UseLegacyUI Setting Not Working

I have ran a SQL script to update the UserPreferences.UseLegacyUI to 0 for all of the users in our 2018 R1 system but, the users are still getting the classic UI when they log into the system. Any thoughts on why this might be? We're trying to avoid every user having to change their setting in their profile.
EDIT: Users are having to switch to the modern UI every time they log in. Is there a cookie involved?
Try using the UserPreference graph to change that value, that's how it's used in 'Main.aspx.cs'. Sometimes there's code in event handlers that needs to be executed too:
PX.SM.SMAccessPersonalMaint prefGraph = PX.Data.PXGraph.CreateInstance<PX.SM.SMAccessPersonalMaint>();
PX.SM.UserPreferences prefs = prefGraph.UserPrefs.SelectSingle() ?? prefGraph.UserPrefs.Insert();
prefs.UseLegacyUI = false;
prefGraph.UserPrefs.Update(prefs);
prefGraph.Persist();
There was an HTTP redirect set in IIS on both the web site and the web application that was causing this. I suspect this was a hold over from the 5.3 installation but, not sure. Removing the redirect from the web application and removing the "/main.aspx" from the web site redirect cured this issue.

How are Applications Removed from the IIS Application Pool?

We've got a new server, and I am trying to set it up for our website.
I got a new application for the engineers set up in the Application Pools called eng_app, then added our applications to it.
Now, we have been given an external drive that these applications need to be on, but I can't seem to edit or delete the existing applications.
I tried following the Microsoft Technet Article • Remove an Application (IIS 7) but, as you can see in the screenshot, those are incorrect.
C:\Windows\System32\inetsrv>appcmd delete app "eng_app/drawing"
ERROR ( message:Cannot find APP object with identifier "eng_app/drawing". )
C:\Windows\System32\inetsrv>appcmd delete app "/eng_app/drawing"
ERROR ( message:Must specify the APP object with identifier or "APP.NAME" parameter. )
Could someone tell me what I missed here?
Using Powershell
Go to folder
cd C:\Windows\system32\inetsrv
List all applications to get the correct APP.NAME
.\appcmd list app
Delete the application using fullname for <APP.NAME>.Ex.: "Default Web Site/The.Application".I mean, you must put it with web site name including the double-quotes.
.\appcmd delete app <APP.NAME>
OK, it looks like you can't do it either through the command line or using the Application Pool interface.
After stopping the webservice, what I did was:
go down to the list of Sites and select my application from the list,
click Basic Settings...
change the Application pool with the Select... button and edit the Physical path
Afterwards, you can restart the webservice.
There might be a better way, but this is how I did it.
appcmd delete app eng_app/drawing

XPages error when running in web browser and saving new document

So I've finally move my application from development(inaccessible through internet) server to production(accessible through internet) server and I got the following runtime error whenever I'm trying to save a document:
Error while executing JavaScript action expression
Script interpreter error, line=23, col=10: [TypeError] Exception occurred calling method NotesXspDocument.save() not allowed to access or modify file: C:\WINDOWS\TEMP\notesC053A6\xsppers\22\DHRRDLYBXJ
not allowed to access or modify file: C:\WINDOWS\TEMP\notesC053A6\xsppers\22\DHRRDLYBXJ
I've done some testing to see where this would occur and found that it only happen when running the application in a web browser (including the Notes 9 web browser) and creating a new document and saving it.
If I run the application via XPiNC, create a new document and save, I'm able to save the document. And this document can later be edited and saved whether in XPiNC or web browser.
I'm not aware of this problem because during development I usually only test in notes client. When it come to web browser, I'll just create a local copy to test because the development server does not allow access through web browser.
Is there any server setting that I should change? I'm not admin but I could inform my boss to change. Thanks.
EDIT
After further testing, I found that uploading a file could be causing the problem. My XPage has fileUpload control for user to upload attachment with the document. But since it worked on XPiNC I need to know why it doesn't work in web browser and the solution to this.
Check to see if the user running the service of the domino server has full access rights to the c:\windows\temp folder
If your server is running Windows 2008 and no specific user is added to run the service.
Make sure that both system and Services has full access to that folder.

uCommerce Secure Ticket Transaction with Loggin

I'm working on a webshop in which it should be possible to subscribe to a service for a monthly 20$ fee in return.
I've made a script in a c# usercontrol which will be called monthly by umbraco scheduled task command:
<task log="true" alias="test60" interval="60" url="http://mysite/umbraco/subscriptionPayment.aspx"/>
For that I have two questions.
1) Where should I put the usercontrol in order to make it unaccessible for the public but accessible for the umbraco task command? It is very important that the script can only be accessed by local server commands.
2) I would like the script to log a file each time a transaction is made. I'm using the following script:
File.AppendAllText("paymentlog.txt",
"Transaction "+transactionNumber.ToString() +" sucessfully executed at "+DateTime.Now.ToString() + Environment.NewLine);
I just don't know which path I should give to the paymentlog.txt file since handling real paths in umbraco seems kind of obscure to me. I would like the paymentlog.txt file to be placed in the root umbraco folder. How do I do that?
Thanks in advance (I'm running umbraco 4.8 and uCommerce 2.6.1).
Best regards,
Brinck10
The task scheduler in umbraco isn't very reliable and this sounds like a crucial to your businness so i would probably try to use the build in scheduler in Windows on your server to do the processing.
That being said. In regards to marking the tasks scheduler approach a little more secure you could make the URL you are calling only accessible on localhost/127.0.0.1 and use localhost address in your task configuration.
You can make a call to the user service to verify that the caller is logged in. Following code will achieve that:
using UCommerce.Infrastructure;
using UCommerce.Security;
var authService = ObjectFactory.Instance.Resolve<IAuthenticationService>();
if (authService.IsAuthenticated())
{
// do secure code here
}

How do you specify the deployIisAppPath to a site root that is not DefaultWebSite?

I have a ASP.NET MVC web application project that I want to deploy to my IIS webserver. The site tree is set up thusly:
SERVERNAME(myDomain\Username)
Application Pools
Sites
Default Web Site
MyProjectSite
bin
Content
...
Views
I am trying to deploy to the MyProject site. See below settings that I am using versus the errors I am returning. I am apparently not specifying my site path correctly, but for the life of me, I can't figure out what it should be.
The following settings stay the same between iterations:
/p:DeployOnBuild=True /p:DeployTarget=MsDeployPublish /p:CreatePackageOnPublish=False /p:MSDeployPublishMethod=WMSvc /p:AuthType=Basic /p:Username="myUserName" /p:Password="MyPassword" /p:AllowUntrustedCertificate=True
Specify SiteName/ as IISAppPath:
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath="MyProjectSite/"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service - I don't want to create a new site. I want to sync the content that is already there.
Specify IISAppPath as Root (supposing that the sitename in the URL is used)
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath="/"
Error:
Could not complete an operation with the specified provider ("iisApp") when connecting using the Web Management Service - Looks like it is trying to access the Default WebSite or something (to which I have purposefully NOT given myself rights).
Specify IISAppPath as empty string(supposing that the sitename in the URL is used)
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath=""
Error:
The "ConcatFullServiceUrlWithSiteName" task was not given a value for the required parameter "SiteAppName" - So it interprets "" as actually a null value thus breaking an attempt to concatenate it.
Specify no site attribute in the URL but SiteName/ as IISAppPath
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd" /p:DeployIisAppPath="MyProjectSite/"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service
Specify no site attribute in URL but SiteName as IISAppPath
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd" /p:DeployIisAppPath="MyProjectSite"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service
Now given that it is running a concatenate on the SiteAppName, it must be combining it with the Site name, yes? What are you supposed to put there to get the site to sync to the root of a site?
Update
In an attempt to figure out the proper path scheme, I have tried to publish using the Visual Studio 2012 Publish dialog. In this case, I am returned an error saying that The request timed out (testing the connection works almost instantly and previewing the changes works but takes a few seconds). I checked the event log, and the tracelog for wmsvc to no avail. Even with trace set to verbose, nothing shows up in the tracelog. I have tried disabling the firewalls on both computers, and nothing seems to work on that front either.
Figured this one out.
The problem stemmed from two settings in the Web Deploy page of the project properties. I had previously set this project up (in the Debug configuration) to copy only the files necessary to run the application, and NOT build a zip package. I neglected however to do anything to those settings for the release configuration.
The reason (confidence level 75%) it was trying to use createApp was because it was deploying from the Zip package it had created. So my IISAppPath settings in those cases were fine, I was just deploying the wrong thing.
I set the Create deployment package as a zip file setting to false, and the Items to deploy dropdown to Only files needed to run this application and everything went off without a hitch.
Incidentally I found out (as referred above) that you can use the Publish Profiles outputted by the Web Publish dialog in Visual Studio (2012 only unfortunately; 2010 you have to do some massaging that I am unsure of). I named mine with no spaces, and supplied the password as an argument as well as the Untrusted Certificate setting. Now MSBuild Arguments in the build definition for TFS look like this:
/p:DeployOnBuild=True;PublishProfile=NameOfPublishProfile /p:AllowUntrustedCertificate=True /p:Password=PleaseVerifyMe

Resources