User management rights separated from system administration rights
To avoid our ARIS administrators haveng permanent high privileges we suggest to give ARIS the configuration capability to assignUser management rights to user group A andsystem administration rights to user group B
Often support asks for databases in order to reproduce the issue on Software AG environment. Many customers are not allowed to share their databases. If we would have a solution that can change all values in the database with a random string, then...
Development tenant with each Production ARIS Cloud Enterprise SaaS
SAG should offer an option to deploy a Development tenant along with Production tenant on the same infrastructure forRIS Cloud Enterprise SaaS customers. Customer could work on the configuration and test customisation of the Portal or Method witho...
At Rabobank we're interested in obtaining the raw date from the elasticsearch runnable. The statistics are stored in the elasticsearch runnable
and currently there is no way to export the raw data into a text file or
something similar.
Architect/Designer - Support NTLM authentication for proxy
Almost all customers are using NTLM authentication for proxy servers as this is considered far more secure. With more and more customers moving to the cloud, the fact of only supporting basic authentication becomes a bottleneck as the security dep...
Azure AD Integration - Multi Factor Authentication (MFA)
The current authentication method for Aris Element / Advanced is using a single factor authentication (username/password). This is not secure enough, multi factor authentication is the standard for business SaaS applications. Aris contains commerc...
Multiple LDAP - Remove limitation of 5 characters for LDAP ID
If you're using the Multiple LDAP functionality the LDAP ID (com.aris.umc.ldap.connection.id) is limited to 5 Characters so it's not possible to use the Domain Name as the "identifier" as the ID will be added automatically infront of all userIDs t...
The finding impacts on Web UI and Desktop app.
The administrator is able to login to the application with username and password only. A compromise of these credentials may cause serious security issues, like deletion of users, website defacement,...
Application Sends Sensitive Data Unencrypted via email
The finding impacts on the Web UI
Confidential data (such as electronic statements) is delivered to the user via an insecure channel such as email. This exposes potentially sensitive data in plaintext over local and intermediary networks. This tr...