Strategy Community Connectors allow you to import data from different data sources into your Strategy platform. For a list of supported connectors, please refer to MicroStrategy Community Data Connectors.
As a result of a recent security analysis of Strategy features, Strategy's Technology Team determined that additional protection should be provided to restrict the locations used to visit from our product.
From Strategy 2020 Update 4 and Strategy 2019 Update 8, administrators can specify which URLs or URL paths are permitted by the Community Connectors.
A whitelist is a list of trustworthy items. In this instance, Strategy asks you to specify which locations are allowed to be accessed. We already predefined some hostnames used by the connectors, but for on-premise sources like Elasticsearch and Solr, you should define your private IP addresses in the list.
Otherwise, the requests will be blocked and the follow error is returned:
exception: "java.lang.RuntimeException: Unsupported url.
Find
CommunityConnectors\WEB-INF\classes\security.propertiesand edit the file.
# All localhost address and loop address will be blocked. # White list is a list of comma separated urls. # For pattern and matching rules, see https://developer.chrome.com/docs/extensions/mv2/match_patterns/ (Exception: only 'http' and 'https' scheme supported). security.request.ipWhitelist=*.fitbit.com,*.tapclicks.net,*.microsoft.com,*.atlassian.net,*.data.world,*.surveymonkey.com,*.alchemer.com,*.demdex.com,*.adobe.io,*.workday.com,*.zoom.us,*.box.com,*.sharepoint.com # For connectors such elasticsearch, solr, the administrator needs to add specific end points to this white list.
security.request.ipWhitelistline, add your IP or hostname to the end. For more patterns, please refer to Match patterns. Each pattern is split by a comma.
For a cluster environment, please modify the whitelist files for all the nodes.
