Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Securing help server for WebSphere 8.5 ND deployment

I made an installation of RTC + DM + RELM, all release 4.0.4, using the WebSphere ND deployment (source: https://jazz.net/wiki/bin/view/Deployment/ConfiguringEnterpriseCLMReverseProxiesWebSphere85NDProxy). All applications are deployed in a separate WAS profile, and global security is set for both administrative and application security. The help for all applications was deployed in the corresponding application server profile. WAS is configured to use a federated realm.

While securing the help administration site during the finalization, I accidentally navigated from my notebook to the URL of the server https://sses.domain.corp/clmhelp/updater/admin.jsp instead of using localhost as described in the IBM documentation. But no problem, the page was displayed. I was a little surprised that the connection was established at all. The default settings were not changed after installation.

I think it’s related to the WAS reverse proxy configuration?! There is also no difference between a deployment on a single server or a dedicated server for each application.

In general this would not be a problem, changing the access to “Role Based Security”, but this is not working as expected. I changed this setting and set a password for the default admin user. After that I was asked for credentials for the “Update…” and “Remote…” sub sections, which still accept the default password? Trying to access the sub section “Administrative Access…” was rejected for both the default password and the password set by me earlier.

Another security issue for me is that the settings for “Network Connections” are accessible without any authentication. So the only acceptable configuration is the “Local Access Only”.

Does anybody know how to limit the access to all the administration pages of the help servers?

0 votes


Question details

Question asked: Jan 15 '14, 5:06 a.m.

Question was seen: 4,982 times

Last updated: Jan 15 '14, 5:06 a.m.
