Adobe Campaign Classic v7 & Campaign v8

Sebastian_Rockw · ‎25-03-2021

Hi all,

on my ACC instance, which is hosted on prem, I can access /nl/jsp/monitor.jsp, log in with an operator and then see the different monitoring metrics.

However, it seems like I can login with any operator, no matter the operator groups he is assigned to.
Is there any way to restrict access to /nl/jsp/monitor.jsp to operators having admin operator group only?

Thanks and BR

Sebastian

Jonathon_wodnicki · ‎01-04-2021

Hi,

Security is performed here by hiding the link to the page from non-admin users in the nav bar.

The jsp page can be altered (overwritten on upgrade) to add proper authorization check tho, put this at the top somewhere:

if (!ctx.hasRight('admin')) {
  response.sendError(HttpServletResponse.SC_FORBIDDEN);
  return;
}

Thanks,

-Jon

View solution in original post

Jonathon_wodnicki · ‎01-04-2021

Hi,

Security is performed here by hiding the link to the page from non-admin users in the nav bar.

The jsp page can be altered (overwritten on upgrade) to add proper authorization check tho, put this at the top somewhere:

if (!ctx.hasRight('admin')) {
  response.sendError(HttpServletResponse.SC_FORBIDDEN);
  return;
}

Thanks,

-Jon

Sebastian_Rockw · ‎06-04-2021

Thanks a lot, Jon! BR Sebastian

Adobe Campaign Classic v7 & Campaign v8

Restrict access to /nl/jsp/monitor.jsp

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe