Wednesday, November 14, 2012

Restricting or allowing access to the administrative console based on client IP or DNS hostname

Question

Is it possible to restrict access to the WebSphere Application Server administrative console to specific client IPs?

Answer

If a client has a requirement to allow access to the administrative console from only certain originating IPs, then it can be configured as follows.
  1. Open the Deployment Manager Console to WebSphere Application Server Network Deployment (it can be the base Application Server as well) to the following:

    Servers > Application servers > server_name > Web container transport chains > WCInboundAdminSecure > TCP inbound channel
  2. Under General Properties, work with the following 4 fields:
    • Address exclude list
    • Address include list (for example, 9.X.X.75, 9.55.X.X,)
    • Hostname exclude list
    • Hostname include list

    Note: Multiple IPs or hostnames can be added in any of the preceding fields (as needed), but they need to be separated by a comma.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)