Cisco Headend Digital Broadband Delivery System
Chapter 7 DNCS Web Services Security
62
4034689 Rev A
Allow HTTP Access to the Web Services
The BOSS Web Service and STB Staging Web Service must be configured to allow
HTTP access to specific service requesters, billing systems, and STB staging clients.
HTTP access to specific service requesters, billing systems, and STB staging clients.
Allowing HTTP Access to the BOSS Web Service
Complete the following procedure to allow a specific billing system to have HTTP
access to the BOSS Web Service.
access to the BOSS Web Service.
Note: Only an “Allow from” statement is required for HTTP access to the BOSS Web
Service. Both an “Allow from” statement and REMOTE_ADDR definition are
required for HTTPS access to the BOSS Web Service. The REMOTE_ADDR
statement is added later in this document.
1 Open an xterm window on the DNCS.
2 Log into the system as root:
Service. Both an “Allow from” statement and REMOTE_ADDR definition are
required for HTTPS access to the BOSS Web Service. The REMOTE_ADDR
statement is added later in this document.
1 Open an xterm window on the DNCS.
2 Log into the system as root:
a At the prompt, type
su -
and press Enter.
b Type the root password and press Enter.
3 Open the /etc/apache2/user-conf/SAIdncs.bossreq.auth.conf file using a text
editor.
4 Add the following line to the end of the "Allow from" list:
Allow from [billing server IP]
Notes:
Replace [billing server IP] with the IP address or hostname of the billing
system.
system.
If a hostname is used, the hostname and IP address must be defined in the
/etc/hosts file.
/etc/hosts file.
An entire subnet can be allowed using slash notation.
Example: The “Allow from” list should look similar to the following example:
Order Allow,Deny
Allow from localhost
Allow from dncs dncs
Allow from dncsws
Allow from 172.16.20.1
Allow from 172.10.1.0/24
5 Save and close the file.