Security of Script Jobs and Functions


Jedox Integrator contains several generic, mainly script-based, standard components:

  • functions: Groovy, JavaScript, Java
  • transform: RScript
  • jobs: Groovy, JavaScript

The authorizations inside of the script are those of the OS user for the service JedoxSuiteTomcatService. By assigning limited file system and network access to this user on the OS (Windows and Linux), all script-based components are restricted.

Note that this restriction applies also to the complete Jedox installation.

Deactivation of Integrator components

Unused Integrator server components can be set to inactive in this way:

In file <Installation Path>\tomcat\webapps\etlserver\config\customer\component.xml add a section for the component with attribute status=”inactive”  (e.g. by copying the corresponding section from file .\config\standard\component.xml):

        <component name=”JavaScript” class=”com.jedox.etl.components.job.JavaScript” status=”inactive”>

Restart JedoxSuiteTomcatService

Groovy Sandbox

The Groovy sandbox allows the precise definition of Java packages and classes that are allowed to be used in the function and job of type Groovy. By default, the Groovy sandbox is disabled and all Java classes are allowed.

The Groovy Sandbox can be configured in file <Installation Path>\tomcat\webapps\etlserver\config\groovy.xml:

  • It is enabled by setting <security enabled=”true”>
  • <defaults>true</defaults>
    Allows the usage of some basic Java classes used e.g. for arithmetical operations: Boolean, String, Integer, Double, Long, Float, Short, Byte, BigDecimal, BigInteger, Date, Math, Calendar, GregorianCalendar
  • <apis>true</apis>
    Allows the usage of the Integrator Scripting API e.g. via API.executeJob()
    (see: )
  • <allows>
    A whitelist of Java classes and packages which are explicitly allowed. By default, in the Groovy sandbox no Java class/package is allowed. Packages are defined with the „* wildcard.
  • <denies>
    A blacklist of Java classes and packages which are explicitly not allowed for usage. First the allowed list is evalutated and then the deny list is explicitly forbidden.

Example: Allow all classes from package java.util except the class java.util.HashMap:





  • The usage of the Groovy Sandbox may result in a slight decrease in performance of Groovy functions and jobs for some cases, especially if many allow/deny rules are defined and many different classes are used.
  • The usage of Java Security Manager on the JVM is not supported.