|Applies To||RSA Product Set: Via Lifecycle and Governance, Identity Management and Governance|
RSA Product/Service Type: All
RSA Version/Condition: 5.x,6.5.1,6.5.2,6.8.1,6.9
|Issue||The RSA Via L&G web services API enables you to issue HTTP GET and POST calls to RSA Via L&G. The calls can be issued via a Representational State Transfer (REST) client or custom code or external programs.|
The web services configuration feature in the RSA Via L&G user interface enables you to enable and disable web services and specify the clients allowed to access web services. It also provides comprehensive information on commands, command options, and command examples.
You can manage web services by selecting Admin >Webservices as follows:
1.Enable and disable web services.
2.Control which client IP addresses can issue web services commands.
3.Specify an import directory for import commands.
4. Customize web services commands: enable or disable and change the request type (GET or POST).
The list of IPs allowed to invoke web services field on the Web Services main page lists any IP addresses allowed to issue web services commands. An empty list indicates that all clients can access web services.
By default only local host IP address 127.0.0.1 can issue web services commands if web services is enabled. If you have enable "IPs allowed to invoke web services" field to empty to allow all connections an now if you restart Via L&G server ,this setting resets to default.
|Cause||This is a bug in all versions below 6.9.1|
Steps to reproduce:
1. Go to Admin > Web Services > Edit
2. Set the block for the "IPs allowed to send invoke web services " to Empty to allow all connections
3. Restart the server.
4. Now when you go an check the webservices the "IPs allowed to send invoke web services " gets reset to default
|Resolution||This issue is fixed in 6.9.1. Upgrade to version 6.9.1 to resolve this issue.|