...

This rule detects whether a service call or REST service has a URL, host and port, or username and password parameter defined. Having URL, host and port, or authorization parameters defined in the model may result in unexpected behavior. Using the URL, username and password parameters is recommended for test purposes only. It checks service calls of type:

...

Configure the connection in the application.properties file only. This makes it possible to make the URL and authorization parameters dependent on the environment.
See: https://my.blueriq.com/display/DOC/Connections+Properties

Example

For this SOAP Mail service call, the value of URL is set to "www.example.com". The authorization parameters, smtp-user and smtp-password, have some example values.

[Image]

This results in the following security hotspot:

[Image]