Secure your environment after installation

 

+

Search Tips   |   Advanced Search

 

WAS depends on several configuration files that are created during installation. These files contain password information and need protection. Although the files are protected to a limited degree during installation, this basic level of protection is probably not sufficient for your site. You should verify that these files are protected in compliance with the policies of your site.

a Kerberos keytab configuration file contains a list of keys that are analogous to user passwords. It is important for hosts to protect their Kerberos keytab files by storing them on the local disk, which makes them readable only by authorized users.

The files in...

app_server_root/profiles/profile/config
app_server_root/profiles/profile/properties

...except for those in the following list, need protection.

For example, give permission to the user who logs onto the system for WAS primary administrative tasks. Other users or groups, such as WAS console users and console groups need permissions as well.

The files in...

app_server_root/profiles/profile/properties

...that should not be protected are...

 

Procedure

 

Results

After securing your environment, only the users with permission can access the files. Failure to adequately secure these files can lead to a breach of security in your WAS applications.

 

What to do next

If failures occur that are caused by file accessing permissions, check the permission settings.


 

Related tasks


Preparing for security at installation time