fbpx

Read: Online Configuration

Before installing PTF, we must apply several online configurations.

Integration Broker

  • Integration Broker must be running and configured. The PTF client stores and fetches test data from your PeopleSoft database through Integration Broker.
    1. You must be able to “Ping” the Integration Gateway.
    2. PTF communicates over the ANONYMOUS node. Therefore, the default user ID specified on the ANONYMOUS node must have the PTF User role. Even though we will specify our PeopleSoft credentials when connecting to PTF, PTF will still invoke some service operations anonymously. Failure to add the PTF User role to the anonymous user may result in the following error:

To generate the error message above, my “anonymous node” User ID was ANONYMOUS_NODE. Notice the error message specifically identifies this user as not having access to the PTTST_CONFIG_NO_SSL Service Operation. This makes sense. When we connect to PTF, we provide our credentials. We would not want PTF passing these credentials along to Integration Broker over an insecure connection unless we previously configured PTTST_CONFIG_NO_SSL. Therefore, the anonymous user must be able to invoke this Service Operation without requiring credentials.

Every role added to the ANONYMOUS node user increases your security attack surface. In production, the anonymous node’s user should only have access to truly public information. You should not have this role enabled for the ANONYMOUS node user in production. PTF, therefore, would not be available in production.

Security

  • PTF Users must be members of one of the following roles:
    1. PTF Administrator: Full access to all PTF features and functions.
    2. PTF Editor: May run, edit, create, and delete tests and test cases.
    3. PTF User: May run tests and test cases and edit, create and delete test cases.

Web Profile

  • Navigate to People Tools > Web Profile > Web Profile Configuration. On the debugging tab, select:
    1. Show Connection & Sys Info
    2. Generate HTML for Testing

Both web profile settings cause PeopleSoft to generate HTML with information helpful to bad actors searching for vulnerabilities. Therefore, these settings should be disabled in a production environment.

PTF Configuration Options

  • Use the navigation PeopleTools > Lifecycle Tools > Test Framework > Define Configuration Options to configure PTF.

Available configuration options are listed in PeopleBooks at Lifecycle Management Tools > Test Framework > Installing and Configuring PTF > Configuring an Environment for PTF > Defining PTF Configuration Options.

SSL and Non-SSL Configurations

  • PTF Integration Broker web services are preconfigured to require SSL. For the PTF client to communicate with Integration Broker over SSL, the Integration Broker web server’s SSL certificate must be trusted, usually by purchasing a valid certificate. In early releases of PTF, it was possible to disable SSL by reconfiguring the delivered PTF Service Operation. Because so many customers prefer to run PTF without SSL, this option is now configurable.
  • To turn off SSL:
    1. Navigate to PeopleTools > Integration Broker > Integration Setup > Service Operations.
    2. Search for the Service Operation: PTTST_CONFIG_NO_SSL
    3. Activate the Service Operation by selecting the check box labeled Active.
    4. Save

For security reasons, we recommend using SSL. In this class, we turned off SSL for convenience reasons. When considering enabling or disabling SSL, think about protecting your credentials and your data. Ideally, your test systems will contain test data and test credentials. In real life, however, most test systems are clones of production. If this is your situation, be sure to protect your test environment just as you would protect production.

Be sure to check the Routing Status box for Any-to-Local Exists. If it is not present, or if the routing appears incorrect, be sure to check the Generate AnytoLocal or Regenerate AnytoLocal check box (whichever is present) in the Routing Actions Upon Save box. When in doubt, check the Regenerate Any-to-Local checkbox. It doesn’t hurt to regenerate, but failure to generate at all will keep PTF from connecting to your database.