Security Settings
he Security Settings group on the SanteDB configuration tool are used to control the security subsystems in the SanteDB host context.
Core Server Security
The core security panel allows the control of the settings related to core security functions such as the validation of passwords and security policies.
The options which can be configured in the security panel are:
| Option | Description | Example |
|---|---|---|
Password Regex | The regular expression that all passwords in the SanteDB iCDR security realm should have. | |
PEP Exemption Policy | The exemption policies for the Policy Enforcement Point. This allows administrators to exempt certain principals from being subjected to data privacy enforcement. |
|
Signing Keys | The collection of keys which should be used for signing data generated by the iCDR. | See: Singing Keys |
Security Policy Configuration | Ignore this - use the Policies panel. | |
Password Hasher | Once peppered, the hashing service to use to securely store data in the database. | SHA256 is recommended unless you're porting over passwords from another system which uses an alternate algorithm. |
Policy Decision Provider | Allows the changing of the PDP the iCDR will use. If running in a XACML context, this can be an external provider. | |
Policy Information Provider | If using the iCDR in a context where third party policy information services are available - this is the implementation of the PIP to use. | |
Password Validator | If using a custom validation strategy (password history, password complexity, etc.) - the validation service to use. | |
PasswordAge | The maximum age of a password (in days) before the password is expired. Note: Your user interface should be able to handle this condition. | |
PasswordHistory | When true, users will not be able to use a previous password as a current password. | |
FailedLogins | The maximum failed logins before the system locks an account. | |
SessionLength | The length of a session expressed as an ISO period (PT30M is 30 minutes, PT1H is 1 hour, etc.) | |
SessionRefresh | The maximum length that a refresh token is valid. |
Signing Keys
The signing keys configuration allows you to specify keys that the iCDR server will use for generating digital signatures. Plugins can request specific named keys for signing data, these are:
default: The default server key used for signing sessions, security data in the database, etc.jwskey: The key to use for the JWS pointer service - This data is used to sign data in JWS generated payloads on the server.
Other keys may be used by specific plugins. Additionally, if an external trading partner uses a kid attribute in the JWS header, you can configure the specific kid to X509 or HMAC key.
The options when configuring a key:
| Option | Description | Example |
|---|---|---|
Certificate | The X509 certificate to use to sign data. You must have the private key for the certificate in your store. | |
Certificate Search | The method which should be used to locate the certificate in the central certificate store. | |
HMAC256 Secret | If using HS256 or another symmetric signature algorithm, this is the shared secret to use to sign the data. | |
Issuer | The name of the system which issues data signed with this key. This is used if the | |
Key ID | The internal key identifier used by SanteDB and its plugins to reference the key. This is also matched to the | |
Signing Algorithm | The method to use to sign data whenever this key identifier is used by SanteDB to generate signatures. | HS256 - HMAC 256 RS256 - RSA + SHA256 RS512 - RSA + SHA512 |
Last updated
