Monday, November 12, 2007

Network Enabling Technologies

Besides my OpenWorld presentation on Wednesday, I'm also staffing demo pod 15 Monday, Tuesday, and Thursday. Today, while discussing PeopleTools with our customers at pod 15, a brilliant gentleman asked me, "How can I encrypt and digitally sign e-mails sent by the PeopleSoft process scheduler and the workflow engine?" My first answer? "Hmmm..." My first action? Turn to legendary Chris Heller, who happened to be standing near me, to ask him what he thought. The three of us, along with my pod mate Rahul, discussed some options and came up with the following ideas:

  • If your SMTP server can be configured to do so, then have it digitally sign and encrypt your e-mails.

  • If your SMTP server can't handle this task, then set up a secure e-mail relay between PeopleSoft and your SMTP server for the purpose of encrypting and signing e-mails.

This question reminded me of another networking-related enabling solution, this one for Integration Broker's proxy settings. If your Integration Broker resides behind a proxy server and you have configured Integration Broker to use that proxy server, then you may have noticed that Integration Broker sends all requests through your proxy server. This is good if the request target resides outside your firewall. It may not be good if the requested resource is inside your firewall. The cause is that Integration Broker cannot be configured to bypass its proxy server for specific hosts. If you find yourself in this situation, then here are a couple of solutions:

  • Configure your firewall proxy server to be an Intercepting Proxy. From a PeopleSoft configuration perspective, this solution is the easiest because it allows you to ignore the proxy issue.

  • Use a forwarding proxy server. Apache's mod_proxy is the first that comes to mind. If you use a forwarding proxy, then be sure to secure it. The last thing you want is for your forwarding proxy to become an open proxy.
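
A locked-down forwarding proxy along these lines, as an added example that is not from the original post. It assumes Apache 2.4 with mod_proxy, mod_proxy_http and mod_proxy_connect loaded, and that external requests are chained to the firewall proxy while internal ones go direct; every address, hostname and port is a placeholder.

```apache
# Added example: forwarding proxy that only Integration Broker may use.
# All addresses, hostnames and ports below are placeholders (assumptions).

# Bind to an internal interface only, never to a public address.
Listen 10.0.0.5:3128

<VirtualHost 10.0.0.5:3128>
    # Turn on forward (not reverse) proxying for this virtual host only.
    ProxyRequests On
    ProxyVia On

    # Access control is what keeps this from being an open proxy.
    # The setting to avoid here is "Require all granted", which lets
    # any client that can reach the port relay through the server.
    <Proxy "*">
        Require ip 10.0.0.20
    </Proxy>
    # 10.0.0.20 = the Integration Broker gateway host (placeholder).

    # Requests for external targets are handed to the firewall proxy.
    ProxyRemote "*" "http://fwproxy.example.com:8080"

    # Requests for internal targets are served directly and skip ProxyRemote.
    NoProxy .internal.example.com 10.0.0.0/8

    # Allow CONNECT tunnels to the HTTPS port only.
    AllowCONNECT 443

    # Record who used the proxy and for what, so misuse is visible.
    CustomLog "logs/ib-forward-proxy.log" "%h %t \"%r\" %>s"
</VirtualHost>
```

Integration Broker is then pointed at 10.0.0.5:3128 as its proxy instead of the firewall proxy. A request from any other source address should be refused with a 403, which is a quick check that the access rule is in effect.
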

Another option is to configure your proxy server to connect to both internal and external sites. I do not recommend this for a couple of reasons:

  1. You may inadvertently make a path for other, external programs to access your internal servers.

  2. You unnecessarily increase the amount of traffic your firewall proxy server has to handle.

Before choosing a solution to either of these network-related issues, be sure to discuss your options with your network security staff.

2 comments:

Will said...

I am working on Supplier Contracts, and there is a requirement to load and log email conversations into PS. Right now we are using Outlook 365, and I see that there is code to link to an email SMTP server (not sure of the additional issues with Microsoft and Exchange). I am wondering if you have any Red/White Book or something that will make it more efficient: PTF_MCF_MAIL MCFGetMail. I know I can put Contract in the subject, but is there a better way, similar to Google/Yahoo, where I can add a + and a code at the end of the email name to make it unique but go to the base email address?

Jim Marion said...

This is a great question! No, PeopleSoft doesn't have a design for special mailbox handling like GMail. Probably because PeopleSoft isn't a mail server. It can read from (IMAP or POP), and it can send through an e-mail server, but it is not an e-mail destination itself. If GMail is your e-mail provider, then PeopleSoft logging in to access an inbox on a GMail server would receive all e-mails for that user, even the ones with a + or other punctuation (GMail user names ignore punctuation, so user.name is the same as username, which is the same as user.name+finance). Otherwise, you would need a separate e-mail address/account for each target.

Integration Broker has a target connector for IMAP and POP3 so you don't have to use the MCF to read e-mail, but you might use it to send email.