Search Results

Translators are used for handling special values during integration: A translator is handed a value, that it can transform and return. Supported methods String execute( String config, String value, Connection conn );

URL related naming Allways use lowercase for application naming Code naming standards Package / naming placement Package name all lowercase General platform entities Servlets: com.tsnocode.server.servlet Filters: com.tsnocode.server.filter Core...

The platform must be able to run on Current versions of Java Current versions of Tomcat MySQL and MariaDB Do not use current_timestamp (property)

Input sanitization used in SQL, using either Escape all string parameters using DbConnection.EscapeSQL Prepared statements All Page codeunits should contain some user group restrictions, and set to be default off

The following changes requires a formal code review Changes to the API Changes to common objects Command Security Controller DbConnection Creation of OR changes to Servlets Servlet Filters CodeunitPagePublic Code containing SQL Any co...

Commands are specified in the command parameter when calling the main servlet https://acme.com/TempusServa/main?command=index The core commands are index many (list) item (edit) new View commands can also be used in Integration/Content_source

ARTICLE IS DRAFT / UNDER DEVELOPMENT Navigation command function required optional <none> Default command     index Nested accordion list of all solutions     board Display default dashboard   Dashboard Single item ...

scan The scan servlet will take input from HTTP calls, usually triggered from an QR or NFC scan. The use is either Make an Object call, then an Action call (within 1 minute). Make an Action call, then an Object call (within 1 minute). Make a combined ca...

The LES Whistleblower Platform is fully managed by Tempus Serva ApS. The system supports the following roles and usecases Case Triager: Assignes cases to applicable lawyer Lawyer: Handles whistleblower cases Tenant user: Handles whistleblower cases Whis...

The LES Whistleblower Portal is hosted by Amazon Webservices EC2 in the data center in Stockholm, which complies with the following standards PCI DSS 3.2 Level 1 Service Provider, FIPS 140-2, ISO 27001. The server is protected by 2 layers of firewalls and util...

The technological stack consists of: LES Whistleblower Portal TS No-code Platform Apache Tomcat MySQL Amazon Linux 2

Backups are securely stored in a redundant environment. Data is stored in encrypted form and adequate measures enable recovery in case of system failure or interruption. The environment is backed up as follows: A) Daily full server backups, stored for 30 da...

The following security and compliance features are enabled and active: Password policy The enabled policy forces users to create passwords based on the following minimum criteria: Minimum 8 characters, Must contain uppercase and lowercase letters, Must cont...

In order to prevent bruteforce attacks on passwords to meaures are implemented Maximum number of retries for passwords Detection of spread attacks across multiple accounts Maximum login retries Configuration options for Maximum number of login retries ...

Understanding permissions Data access is retricted in two ways Mandatory permissions granting access to Certain groups of fields (blocks) Records in certain status Optional filters binding certain data to certain users Owner user (the user ...

HTTPS / SSL is readily supported as the interface is indifferent of which protocol is used by the user. It is however possible to force the user to use SSL by tweaking the configuration Force SSL during logins Force SSL in interface Users making specif...

Security by design The platform is security designed in accordance with OWASP version 4: Level 2: Compliant Level 3: +90% supported In addition the platform supports a wide range of security schemes and logging features, needed for support of ISO27001,...

Password Policies (recommended) TS No-code Platform allows you to setup and enfoce the use of strong passwords through an appropriate password policy. Specify attribute requirements that control complexity and lifetime of passwords such as: Mimimum passwor...

Virus scanning Scanning of uploaded files are left to software installed on the system. The upload feature will temporarily store the files on the file system, so that detection mechanisms can quarantine the files in case they are infected. Storage encrypti...

Activity and data logging (optional) Activity and Data Logging includes the automatic creation of a series of log files. Logging can be set up for each entity in an application providing insight and transparency in relation to: user activity, creation, change...