December 23, 2016December 19, 2016 by Dan Iverson

#60 – PeopleSoft Test Framework 101

This week on the podcast, Dan tries a different Remote Desktop tool, using RSS feeds to monitor PeopleSoft data and comparing SQL Explain Plans with SQL Developer. Then Kyle gives a great overview of the PeopleSoft Test Framework and what you need to know before using it.

Show Notes

mRemoteNG @ 1:30
VirtualWin and Windows 10 @ 6:30
Troubleshooting Monitor Issues @ 8:30
Query Trees and Patches @ 10:30
- Query Tree Export Bug
Managing Servlet Config Data @ 15:30
- How Colton Works
JMX and JVM/WebLogic monitoring @ 17:45
- WLST Script to capture WebLogic data
RSS Feeds, PeopleSoft and monitoring Integration Broker @ 23:30
Comparing Explain Plans in SQL Developer @ 32:00
COBOL Unicode Compile @ 36:00
Getting Started on PTF @ 39:00
Storing and Recording Tests 45:00
- Library Tests (not Shell Tests) – PeopleBooks Reference
PTF Reports and Usage Monitor@ 51:45
Integrating Tests with Daily Development@ 63:00

November 18, 2016November 7, 2016 by Dan Iverson

#55 – 2FA and Event Mapping w/ Colton Fischer

This week on the podcast, Colton Fischer joins us to talk about 2 Factor Authentication (2FA) and Event Mapping. Colton explains what 2FA is, how to implement it, and how he used Event Mapping to add it to PeopleSoft. We also talk about Servlet Filters and using REST-based API’s with PeopleTools.

We want to make this podcast part of the community discussion on PeopleSoft administration. If you have comments, feedback, or topics you’d like us to talk about, we want to hear from you! You can email us at podcast@psadmin.io, tweet us at @psa_io, or use the Twitter hashtag #psadminpodcast.

You can listen to the podcast here on psadmin.io or subscribe with your favorite podcast player using the URL below, or subscribe in iTunes.

Podcast RSS Feed

Show Notes

PeopleSoftMods.com @ 2:00
2 Factor Authentication & Event Mapping @ 4:15
TOTP Codes @ 16:00
- Google Authenticator w/ PeopleSoft
- TOTP Algorithm
Sending SMS Messages in PeopleSoft @ 23:45
REST API Limitations @ 27:15
- Cedar Hills Group JSON Parsing Library
Servlet Filters @ 30:00
- Data Masking Servlet Filters
Logging with Event Mapping @ 40:00
Event Mapping Limits and Future Improvements @ 43:15
Customizations w/ Event Mapping @ 49:30

April 29, 2016May 6, 2016 by Dan Iverson

#26 – WebLogic Filters

This week we talk about HR Image 17, the new Security Automation tool, and share some comments from David Kurtz about PeopleSoft on 12c. Then, Kyle dives into WebLogic Servlet Filters and shares how filters can be used with PeopleSoft.

You can listen to the podcast here on psadmin.io or subscribe with your favorite podcast player using the URL below, or subscribe in iTunes.

Podcast RSS Feed

Show Notes

The psadmin.io Community
Security Deployment Tool – PeopleBooks Link
Disable the LLE warning in Interaction Hub Image 2: set LLE_DEPRECATION_WARN_LEVEL=NONE (or ONCE)
Kyle’s PSEatCookies Filter
PeopleBooks – Kerberos Filter for Desktop Single Signon
Essentials of Filters
Chain-of-responsiibility design pattern
Episode #6 – TokenChpoken and Other Security Issues
Update – May 6, 2016 – David Kurtz – PeopleSoft on Oracle 12c

June 22, 2015April 3, 2020 by Dan Iverson

PSEatCookies

From Kyle Benson: a servlet filter to remove PS_TOKEN from the response cookie:

One option is to simply disable the PS_TOKEN, and therefore prevent this vulnerability altogether! The problem is, PeopleSoft does not give us the option to disable it.

I decided to come up with a proof of concept for a custom solution to this issue. I wrote a Java servlet filter, called PSEatCookies, that will prevent a PS_TOKEN, or any other Cookie you specify, from being added to the ServletHttpResponse.

Tag: servlet

Show Notes

Show Notes

Show Notes