To add an extra measure of security to BIRT reporting in Fortify Software Security Center (SSC), do one or both of the following:

To enable the Java Security Manager:

1. In the left pane, select Configuration, and then click BIRT Reports.
2. On the BIRT Reports page, under Enhanced security, select the Turn on security manager check box.

Note: If you try to generate a custom report that depends on functionality that the BIRT security manager regards as unsafe, report generation might fail.

If your Fortify Software Security Center instance is installed on a Linux system and runs on OpenJDK, you must install fontconfig, DejaVu Sans, and DejaVu Serif fonts on the server so that users can generate reports successfully. Otherwise, report generation fails. You can download these fonts from https://github.com/dejavu-fonts/dejavu-fonts.
To limit write access to tables and views in the database:

1. For the new database user account, grant read-only access to the following tables and views:

| Tables | | |
|---|---|---|
| activity | issuecache | reportexecparam |
| attr | measurement | requirement |
| auditattachment | measurementhistory | requirementtemplate |
| auditcomment | metadef | ruledescription |
| catpackexternalcategory | metadef_t | savedreport |
| catpackexternallist | metaoption | scan |
| catpacklookup | metaoption_t | scan_rulepack |
| datablob | metavalue | seedhistory |
| documentinfo | metavalueselection | sourcefile |
| eventlogentry | project | snapshot |
| f360global | projecttemplate | userpreference |
| filterset | projectversion | variable |
| folder | projectversiondependency | variablehistory |
| foldercountcache | reportexecblob | |

| Views | | |
|---|---|---|
| attrlookupview | defaultissueview | ruleview |
| auditvalueview | metadefview | view_standards |
| baseissueview | metaoptionview | |

2. In the left pane, select Configuration, and then click BIRT Reports. Fortify Software Security Center displays the BIRT Reports page.
3. In the DB Username and DB Password boxes, type the credentials for the database account that has read-only database access.
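As an added example (not Fortify's own tooling), the following Python script generates the per-object GRANT statements for the read-only reporting account and audits a SHOW GRANTS listing for anything broader than SELECT on the objects listed above. It assumes MySQL grant syntax, a schema named ssc and an account named birt_ro; all three are placeholders, since the page names neither the database product nor the account.

```python
import re
# Tables and views from the read-only list above (transcribed from the page).
READ_ONLY_OBJECTS = frozenset("""
activity attr auditattachment auditcomment catpackexternalcategory catpackexternallist
catpacklookup datablob documentinfo eventlogentry f360global filterset folder foldercountcache
issuecache measurement measurementhistory metadef metadef_t metaoption metaoption_t metavalue
metavalueselection project projecttemplate projectversion projectversiondependency reportexecblob
reportexecparam requirement requirementtemplate ruledescription savedreport scan scan_rulepack
seedhistory sourcefile snapshot userpreference variable variablehistory
attrlookupview auditvalueview baseissueview defaultissueview metadefview metaoptionview
ruleview view_standards
""".split())

def grant_statements(db, user, objects=READ_ONLY_OBJECTS):
    """Emit one GRANT SELECT per object in MySQL syntax (assumption: the SSC schema is `db`)."""
    return [f"GRANT SELECT ON `{db}`.`{o}` TO '{user}'@'%';" for o in sorted(objects)]

# Matches one line of MySQL `SHOW GRANTS FOR user` output, e.g.
#   GRANT SELECT ON `ssc`.`activity` TO `birt_ro`@`%`
_GRANT_RE = re.compile(r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<target>\S+)\s+TO\b", re.I)

def audit_grants(show_grants_lines, db, allowed=READ_ONLY_OBJECTS):
    """Return a finding for every grant that exceeds SELECT on the allow-listed objects in `db`."""
    findings = []
    for line in show_grants_lines:
        m = _GRANT_RE.match(line.strip())
        if not m:
            continue
        privs = {p.strip().upper() for p in m.group("privs").split(",")}
        privs.discard("USAGE")  # USAGE conveys no rights; MySQL uses it to record the account
        if not privs:
            continue
        target_db, _, obj = m.group("target").replace("`", "").partition(".")
        if privs != {"SELECT"}:
            findings.append(f"non-SELECT privilege {sorted(privs - {'SELECT'})} on {target_db}.{obj}")
        if obj == "*" or target_db != db:
            findings.append(f"grant not scoped to a single object in {db}: {target_db}.{obj}")
        elif obj not in allowed:
            findings.append(f"object outside the read-only list: {obj}")
    return findings

# Constructed SHOW GRANTS output for a placeholder account; not captured from a real server.
SAMPLE_SHOW_GRANTS = [
    "GRANT USAGE ON *.* TO `birt_ro`@`%`",
    "GRANT SELECT ON `ssc`.`activity` TO `birt_ro`@`%`",
    "GRANT SELECT ON `ssc`.`ruleview` TO `birt_ro`@`%`",
    "GRANT SELECT, UPDATE ON `ssc`.`savedreport` TO `birt_ro`@`%`",
    "GRANT SELECT ON `ssc`.`not_on_the_list` TO `birt_ro`@`%`",
]
```

Running audit_grants(SAMPLE_SHOW_GRANTS, "ssc") reports the UPDATE privilege on savedreport and the object that is not on the list; a clean account produces an empty list.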