Table of Contents
Advertisement
Directory Level Password Protection for Sensitive Web Services
Some of the methods/actions available through the UCA Optional API Web Services are worthy of additional
protection. This additional protection is provided by requiring a user name and password to execute the methods.
The virtual directory that contains these Web Services is protected by Windows Basic authentication. In order to
execute these methods from an external program, the user must supply a valid user name and password for the
UCA machine. Because Windows Basic authentication sends user name and password to the server in the clear, it
is recommended that SSL be enabled for the ServerManagement application, if it is to be used.
Encryption/Decryption of the UCA Server Configuration Files
To protect information found in the UCA server config files, sections within the files are encrypted during the install.
This encryption uses the RSAProtectedConfigurationProvider. This provider uses the RSA public key encryption to
encrypt and decrypt data. To ease in the decryption of the files for maintenance purposes, a few batch files are
provided. They are found in C:\Program Files\Motorola\UCA Server\Utilities. Decrypt.bat and Encrypt.bat encrypts
and decrypts the various config files associated with the UCA server. Decrypt.bat should not be deployed to a
production environment for obvious reasons. In addition, keep in mind that because of the way the files are
encrypted, they are tied to the machine on which they are encrypted. They cannot be unencrypted or used on
another machine.
Encryption of Passwords Stored in the UCA Database
To protect passwords found in the UCA server database, they are encrypted before they are stored. The
passwords are encrypted using Microsoft Cryptographic Service Provider.
UCA Server 6 - 57
Advertisement
Table of Contents
Troubleshooting
