Skip to content

Coexistence with Legacy Security Checkpoints

Security Checkpoints in IFS Aurena can coexists with Legacy Security Checkpoints.

Projection Security Checkpoint and Legacy Security Checkpoints

The difference between Security Checkpoints in IFS Aurena (Projection Security Checkpoints) Legacy Security Checkpoints is how it's implemented and the scope of the transaction that it protects.

Managing Legacy Security Checkpoints

When a Security Checkpoint for IFS Aurena is created, there is the possibility to reference one or more Legacy Security Checkpoints.

Legacy Security Checkpoints reference

A Legacy Security Checkpoint affects an action in IFS Aurena when the PL/SQL code for the Business in the Database that the action executes, contains a Legacy Security Checkpoint. In that scenario, the Legacy Security Checkpoints needs to be referenced in the "legacycheckpoints" attribute of the action. If there are more than one Legacy Security Checkpoint associated with that an action, those can be specified as a comma separated list of strings. All Legacy Checkpoints that are affected by the action, shall be referenced.

action TestAction {  
   initialcheck none;  
   parameter StrKey Text;  
   parameter TextPara Text;  
   checkpoint = "Checkpoint_ActionVoidUb";  
   legacycheckpoints = "CHKPT_TEST_LEGACY_CP1", "CHKPT_TEST_LEGACY_CP2, "CHKPT_TEST_LEGACY_CP14", "CHKPT_AUTHFLOW_CP";  
}  

The ID of the Legacy Security Checkpoint shall be specified.

Note: An action that is affected by Legacy Security Checkpoints shall all of them referenced in the action implementation. This is important when a new Security Checkpoint is disabled.

Actions with unreferenced Legacy Security Checkpoints

The transaction executed from an action will stop if an action is affected by a Legacy Security Checkpoint, but it do not have the Legacy Security Checkpoint referenced. The result is that the transaction will not be executed and an error message saying "Unhandled Security Checkpoint" will be displayed.

An action with a new Security Checkpoint needs to know which Legacy Security Checkpoints that it's allowed to pass. In a scenario like this, add the encountered Legacy Security Checkpoint as a referenced to the action that was executed.

Scenarios for coexistence between new and Legacy Security Checkpoints

Consider a scenario where an action is affected by two Legacy Security Checkpoints. This list is describing the behavior of the Security Checkpoints based on their state and if the Legacy Security Checkpoints are referenced or not.

Projection Checkpoint Legacy Checkpoint 1 Legacy Checkpoint 2 Result
Enabled Enabled & Referenced Disabled User credentials required to proceed
Enabled Enabled & Referenced Disabled & Referenced User credentials required to proceed
Enabled Enabled & Referenced Enabled User credentials required to proceed
Enabled Enabled & Referenced Enabled & Referenced User credentials required to proceed
Enabled Enabled Disabled User credentials required to proceed
Enabled Enabled Disabled & Referenced User credentials required to proceed
Enabled Enabled Enabled User credentials required to proceed
Enabled Enabled Enabled & Referenced User credentials required to proceed
Enabled Disabled & Referenced Disabled User credentials required to proceed
Enabled Disabled & Referenced Disabled & Referenced User credentials required to proceed
Enabled Disabled & Referenced Enabled User credentials required to proceed
Enabled Disabled & Referenced Enabled & Referenced User credentials required to proceed
Enabled Disabled Disabled User credentials required to proceed
Enabled Disabled Disabled & Referenced User credentials required to proceed
Enabled Disabled Enabled User credentials required to proceed
Enabled Disabled Enabled & Referenced User credentials required to proceed
Disabled Enabled & Referenced Disabled User credentials required to proceed
Disabled Enabled & Referenced Disabled & Referenced User credentials required to proceed
Disabled Enabled & Referenced Enabled User credentials required to proceed
Disabled Enabled & Referenced Enabled & Referenced User credentials required to proceed
Disabled Enabled Disabled Exception - Unhandled Legacy Security Checkpoints
Disabled Enabled Disabled & Referenced Exception - Unhandled Legacy Security Checkpoints
Disabled Enabled Enabled Exception - Unhandled Legacy Security Checkpoints
Disabled Enabled Enabled & Referenced User credentials required to proceed
Disabled Disabled & Referenced Disabled No credentials required
Disabled DDisabled & Referenced Disabled & Referenced No credentials required
Disabled Disabled & Referenced Enabled Exception - Unhandled Legacy Security Checkpoints
Disabled Disabled & Referenced Enabled & Referenced User credentials required to proceed
Disabled Disabled Disabled No credentials required
Disabled Disabled Disabled & Reference No credentials required
Disabled Disabled Enabled Exception - Unhandled Legacy Security Checkpoints
Disabled Disabled Enabled & Referenced User credentials required to proceed

How to Identify an unhandled Legacy Security Checkpoint

Prerequisites

  • Security Checkpoints are globally enabled for IFS Aurena
  • The Legacy Security Checkpoints of interest are enabled

Method

Identify which functionality that has a Legacy Security Checkpoint specified. Utilize that functionality in IFS Aurena by executing different actions. When an unhandled Legacy Security Checkpoint is encountered, an exception will be raised and an error message saying "Unhandled Security Checkpoint" will be displayed. The details of the error message will specify the ID of the Legacy Security Checkpoint. Use this information to specify the ID as a reference to the action that raised the error.