Disabling Security Features

There are four main security features associated with Genesis II:

  • SSL
  • Message-level Signing
  • AuthZ
  • Message-level Encryption

The first three are turned on by default while message-level encryption is turned off. If you do not want any security information to be passed when running Genesis II, you will need to disable the features that are turned on. This wiki specifies how to make modifications to the relevant configuration files. As of July 2008, these properties are found in the /deployments/<deployment-name>/configurations/security.properties file.

Disabling AuthZ

To disable AuthZ, in theserver-config.xml file, change the following property's value to false.

<mconf:property name="genii.security.authz.authz-enabled"

   value="false"/> 

Disabling Message-level Signing

To disable message-level signing, disable AuthZ as described above and also change the following property in the client-config.xml file to just WARN.

<mconf:property name="edu.virginia.vcgr.genii.client.security.message.min-config"

   value="WARN"/>

To enable message-level signing, enable AuthZ as per the opposite of above and also change the following property in the client-config.xml file to SIGN|WARN.

<mconf:property name="edu.virginia.vcgr.genii.client.security.message.min-config"

   value="SIGN|WARN"/>

Disabling SSL

To disable SSL, XML-comment-out the entire following section in the client-config.xml and server-config.xml files.

<genii:ssl-properties>

To bootstrap, you will also need to update the bootstrap.xml script. Make the changes specified in Changing Protocols: HTTP vs. HTTPS.


Enabling Message-level Encryption

To enable message-level encryption, make sure AuthZ is enabled and add ENCRYPT to the following property in the client-config.xml.

<mconf:property name="edu.virginia.vcgr.genii.client.security.message.min-config"

   value="WARN|ENCRYPT"/>