Configure Secure File Transfer
The filetransferSecured application shall be installed to ensure that the deployment manager only responds to file transfer requests from trusted servers in the cell, when it communicates configuration updates to node agents.
The commands to install the filetransferSecured application (if not already installed as part of default) are:
Ø cd <profilehome>\bin
Ø wsadmin.bat -user <wasadminuser> -password <waspassword>
Ø wsadmin> source ../../../bin/redeployFileTransfer.jacl
Ø wsadmin>fileTransferAuthenticationOn <your cell name> <dmgr node name> dmgr
Ø wsadmin>$AdminConfig save
This will ensure that configuration updates are legitimate and eliminates the risk of configuration settings getting compromised.
To determine the current state of the file transfer authentication, see the systemapps.xml file in the <WAS_INSTALL_DIR>/AppServer/profiles/<PROFILE>/config/cells/cell_name/nodes/node_name directory:
· This entry indicates that authentication is on:
<deployedApplications>${app_server_root}/
systemApps/filetransferSecured.ear</deployedApplications>
· This entry indicates that authentication is off:
<deployedApplications>${app_server_root}/
systemApps/filetransfer.ear</deployedApplications>
No comments:
Post a Comment