Is there a way to set up the Reserve SMTP Agent for Secure SMTP?

For inbound SMTP messages to the TRIRIGA “ReserveSMTPAgent”, is there any way to configure it for Secure SMTP (SMTPS)? I know the port can change, but can the agent use the SMTPS protocol instead of SMTP, just by changing the port? You have clients using IBM TRIRIGA in the IBM Cloud and they cannot implement your Reservation Management product because of this major gap in the product.

The Reserve SMTP agent does not currently support encrypted TLS communication. Please create a request for enhancement (RFE) to request that capability be added to the Reserve SMTP Agent.

[Admin: To see other related posts, use the SMTP tag or TLS tag.]

Continue reading →

What is the new Access Summary sub-tab in 3.5.2 Security Manager?

If you are an administrator for TRIRIGA, chances are you have access to Security Manager, which is responsible for granting access to the TRIRIGA applications through the security groups. Prior to TRIRIGA 3.5.2, the only way to view security access was to go to the Access tab and then view the Access Configuration. That is where you would grant (or remove) access. However, in TRIRIGA 3.5.2, on the Access tab, a new Access Summary sub-tab was added.

The Access Summary sub-tab will show you in a column format, the permissions of the tool/module, form, tab, and section. You are able to filter by each of those fields. Once you see the data, you can start using the filters to look at the access…

This tab should now make it much easier to identify what a security group has access to. If you find yourself limited with what you want to do within the tab, there is an Export button, that will export the data into a tab-delimited .txt file…

[Admin: A similar article is also posted in the IBM Support Portal. This post is related to the 03.07.16 post about best practices for managing your security groups.]

Continue reading →

IV95718: Multi-tab sections freeze when user has read-only access

Users are encountering a spinning wheel when clicking on multi-tabs (sub-tabs) other than the main tabs. The system hangs and freezes. Users will then log out or close the application. For some users, it works fine, but for other users, it does not. This is related to a security group issue on the TRIRIGA 3.5.2 platform.

We needed to move the logic of how the platform validates section actions closer to where the actual action is taking place. Moving forward, the user will be able to navigate between multi-tab sections, if they have read-only access on the section.

[Admin: To see other related posts, use the Security tag.]

Continue reading →

Why aren’t changes to security groups being saved?

Is anybody seeing this issue in TRIRIGA 3.5.2? The Release Notes say that:

“The inner Save action on the Access tab of the Security Manager is removed. The user can make multiple permission changes, mix them with general changes and member changes, and save all at the end with the Save or Save & Close actions.”

But this doesn’t seem to work. Why not?

[Admin: This post is related to the 03.07.16 post about best practices for managing your security groups.]

Continue reading →

Why are there “Mixed Content” security errors in IBM TRIRIGA?

I have set up single sign-on (SSO) with SiteMinder and Liberty, and both seem to be working fine. However, after login, when I attempt to access BIRT reports, I get the following in the DevTools security window:

Mixed Content: The page at 'https://hostname/html/en/default/platform/mainpage/mainpage.jsp' was loaded over HTTPS, but requested an insecure resource 'http://hostname/birt/frameset?_docId=2816263&_la…tem__triPaymentLineItem_-_Report_-_Future_Rent_Obligation_Detail.rptdesign'. This request has been blocked; the content must be served over HTTPS.

Similarly, when I attempt to open a record and navigate the tabs, I get the following:

Mixed Content: The page at 'https://hostname/WebProcess.srv?objectId=750000&…TypeId=10002490&action=Edit&managerType=query&altGuiListId=-1&inline=false' was loaded over HTTPS, but requested an insecure form action 'http://hostname/WebProcess.srv?objectId=880000&a…false&undeletable=false&requiredNotSet=0&requiredTabList=&requiredField=-1'. This request has been blocked; the content must be served over HTTPS.

In the first case, the report never displays, and in the second case, the record appears to entirely hang. Have any of you seen this before? Any ideas how to fix it?

[Admin: This post is related to the 08.20.15 post about getting a mixed content security error with Esri ArcGIS, and the 06.18.15 post about GIS mixed content messages. To see other related posts, use the SiteMinder tag or SSO tag.]

Continue reading →

IV95388: TRIRIGA Reserve Outlook add-in fails when using only TLS 1.2

Due to security regulations, certain customers must disable TLS protocols 1.0 and 1.1. However, when they do this and use only TLS 1.2, they lose connectivity from the TRIRIGA Reserve Outlook add-in.

The problem was that the add-in was compiled with .NET 4.0 which doesn’t support TLS 1.2. The fix is to explicitly force support for the TLS 1.2 protocol. Moving forward, the IBM TRIRIGA Workplace Reservation Manager add-in is now able to communicate with the TRIRIGA server over the TLS 1.2 protocol.

[Admin: To see other related posts, use the Add-in tag or TLS tag.]

Continue reading →

IV94974: Security change in 3.5.2 has issues with TRIRIGA as service

I have installed TRIRIGA 10.5.2/3.5.2 OOB in Sandbox 1. One thing I noticed is that I used to be able to run the TRIRIGA service as “SVC-CBRES-IWMS-DEV” and I used to display the following in a web page, but in 3.5.2, I am not getting the expected “Sign In Required” error.

In TRIRIGA 3.5.2, a security change was filtering out the Performance Monitor (Single Values) URL. We needed to remove the filtering of monitor.jsp. Moving forward, a security issue was fixed which made the performance monitors unable to work externally from the TRIRIGA Admin Console.

[Admin: This post is related to the 04.08.15 post about performance monitoring tools.]

Continue reading →