Disable Custom Microagent

The Custom microagent can be disabled by leveraging the Security TrustModel supported by TIBCO Hawk. Users are explicitly granted or denied access through the access control file.

The following steps describe how to disable Custom microagent execution.

If multiple Hawk agents are running on a machine and these Hawk agents in turn belong to different Hawk domains, specify separate access control files for each domain.

For each Hawk domain create a directory HAWK_HOME/domain/<domain-name>/security where <domain-name> is the name of the Hawk domain.

2. According to the requirements of your system, copy HAWK_HOME/examples/security/Trusted.txt or HAWK_HOME/examples/security/TrustedWithDomain.txt to CONFIG_FOLDER/security/.

Modify the file to add the following lines:

   * * *	*

   none       *     COM.TIBCO.hawk.microagent.Custom              +

The first line grants access to all users, on all nodes, and for all microagent methods.

The second line grants access only to the user none, on all nodes for the Custom microagent, where none is a non-existent user. This effectively prevents anyone from executing the Custom microagent.

4. Ensure that the security_policy parameter in Hawk agent configuration is set to one of the following, before starting TIBCO Hawk Agent and Hawk Console:

COM.TIBCO.hawk.security.trusted.Trusted or COM.TIBCO.hawk.security.trusted.TrustedWithDomain

Did you find this helpful?

Yes No