IBM Sustainability Software - Ideas Portal
Hide about this portal


This portal is to open public enhancement requests against the products and services belonging to IBM Sustainability Software. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Not under consideration
Workspace IBM MAS - Manage (Base)
Created by Guest
Created on Feb 7, 2012

RELATED IDEAS

Request to review Maximo URL passing username and password directly

See this idea on ideas.ibm.com

This is in reference to existing capability of Maximo login in following TechNote
http://www-01.ibm.com/support/docview.wss?uid=swg21443945
As per technote Maximo allows connecting directly to StartCenter EVEN when SSL https connection is used .

We would like this to be addressed in Maximo login process /code so that it would prevent the embedded username password URL to by pass login page ( For example a flag in code /database MAXVARS to set this as an option )

Idea priority High
  • Post comment
  • Admin
    Kim Woodbury
    Reply
    |     Oct 6, 2022

    Thank you for your submission. At this time there are no plans within the next several releases to introduce this capability.

  • Guest
    Reply
    |     Oct 29, 2015

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - Internet of Things
    Product family - Component
    Product - Tivoli Process Automation Engine (TPAE)

    For recording keeping, the previous attributes were:
    Brand - Tivoli
    Product family - Component
    Product - Tivoli Process Automation Engine (TPAE)

  • Guest
    Reply
    |     Mar 1, 2012

    This is part of launch in context functionality of the Maximo,  Passing userid and password on url  as a get process is not a good practice ,  We can consider this as hardening security and only allow post action for secure parameters like userid , password etc.   At this point we can not prevent this and it will have to consider as a future enhancement request.

  • Guest
    Reply
    |     Feb 10, 2012

    Hello I noticed this is under consideration which is appreciated .I would highlight that the business justification and seriousness in that nowadays when there are a lot of Cloud based machines users , risk is even higher for a 'web crawling ' program to detect the URL and publish it on the WWW for search engine

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.