Specifying how the Controller maps scan requests to sensor pools

The pool_mapping_mode property in the config.properties file determines how the Controller maps scan requests to sensor pools. The valid values for the pool_mapping_mode property are:

• disabled— In this mode, a OpenText ScanCentral SAST client requests a specific sensor pool when it submits a scan request. Otherwise, the default pool is used.

  For details, see the following table.

• enabled— In this mode, if a scan request is associated with an application version in Application Security, the Controller queries Application Security to determine the sensor pool assigned to the application version. Alternatively, a client can request a specific sensor pool when it submits a scan request. A client request for a specific sensor pool takes precedence over a query from the Controller.

  Sensors in the default sensor pool run scan requests that are not associated with an application version (and no specific pool is requested on the OpenText ScanCentral SAST client command line).

• enforced—As with the enabled mode, if a scan request is associated with an application version in Application Security, the Controller queries Application Security for the sensor pool to use for the application version. Otherwise, the Controller targets the default sensor pool for scan requests. A OpenText ScanCentral SAST client cannot request a specific sensor pool in the enforced mode.

  If ssc_lockdown_mode is enabled, then the pool_mapping_mode is automatically set to enforced and the value set for pool_mapping_mode in the config.properties file is ignored.

The following table shows how the Application Security integration with OpenText ScanCentral SAST responds to different input when the pool_mapping_mode is set to disabled, enabled, or enforced.

Configuring the Controller