#337 – ACM and Load Balancers

This week on the podcast, Kyle and Dan discuss securing your public user and leaking information, how to speed up change assistant upgrade projects, and new ACM plugins to work with Load Balanced gateways.

The PeopleSoft Administrator Podcast hosted by Dan Iverson and Kyle Benson.

Show Notes

#327 – HAProxy and OCI Load Balancer

The PeopleSoft Administrator Podcast hosted by Dan Iverson and Kyle Benson

This week on the podcast, Kyle and Dan talk about mapping remote client IPs to PeopleSoft logs and tables, and then discuss the benefits of load balancing with HAProxy and the OCI Load Balancer as a Service.

Show Notes

#171 – Web Profiles

This week on the podcast we discuss Event Mapping for App Engines that was teased in a PeopleSoft Talk. Then Kyle shares what learned about Portal Registries and security, and the new Reload Web Profile feature in 8.57.

Show Notes

#150 – PIA URLs & IB Failover

This week on the podcast, Kyle discusses a workflow message tester, and the thought process behind setting up IB failover. Dan explains what the ampersand at the end of URL means for PIA URLs.

Show Notes

#140 – robots.txt

This week on the podcast, Kyle and Dan discuss how to hide public PeopleSoft pages from search results using the robots.txt file, good ideas gone bad when debugging, and how to contribute custom ACM plugins to the community (Thanks Cory!).

Show Notes

#128 – Extending PeopleSoft w/ Colton Fischer

This week on the podcast, Colton Fischer joins Dan to talk about hidden ACM plugins, using the Web Profile to extend HTML pages, and his experience working with the Page and Field Configurator.

Show Notes

#123 – ps_patch

This week on the podcast Dan and Kyle discuss Colton Fischer’s Web Profile discovery, Kyle shares his CPU Patching process and how he automated the process then Dan discusses how he resolved a PIA domain bug.

Show Notes

8.55 – Cross-Origin Resource Sharing

In PeopleTools 8.55, Cross-Orign Resource Sharing (CORS) is now supported. Don’t know what CORS allows? Here is a good primer on the topic.

The Same-Origin Policy restricts the browser from performing certain actions by scripts or documents based on the origin. The origin is everything in the URL before the path (for example, http://www.example.com). For certain actions, the browser will compare origins and, if they don’t match, won’t allow things to proceed. For example:

  • A parent document can’t access the contents of an that comes from a different origin. This prevents a malicious site from opening up your bank’s website and stealing your credentials, as an example.
  • While one document can send information to another via a form post, AJAX requests across origins are generally disallowed.

The Same-Origin Policy is a vital piece of web security architecture, but it also poses a problem. What happens when you want to allow a site with a different origin to access your content?

Here is a great example of where CORS support can benefit PeopleSoft. In Enterprise Learning Management, you can link to hosted web-based training. Often, that web-based training is on a different domain. With CORS support, you can add in remote sites in the Web Profile and display remote courses in your ELM environment.

To enable Cross-Origin sites, open your Web Profile. There is a new tab, Authorized Site, that lets you list many sites to support.