Este conteúdo não está disponível no idioma selecionado.

Chapter 3. Securing the Management Console


Overview

There are two main aspects to securing the Management Console:
  • Authentication
  • SSL/TLS security

Authentication

Authentication is enabled by default on the Management Console and is required in order for the Management Console to function correctly. The authentication mechanism consists of the following key elements:
  • HTTP BASIC authentication protocol—the standard HTTP protocol for transferring username/password credentials is the BASIC authentication protocol. This protocol sends username/password credentials in plaintext, so these credentials are vulnerable to snooping, unless you enable SSL/TLS security.
  • JAAS authentication—the Java Authentication and Authorization Service (JAAS) is a pluggable framework for authenticating credentials on the server side. The Jetty servlet container (which hosts the Management Console) is configured to use the karaf JAAS realm by default. This ensures that the Management Console uses the same pool of user credentials as the other standard container services (where the user credentials are usually stored in the etc/users.properties file by default, in a standalone container).

SSL/TLS security

SSL/TLS security is not enabled by default for the Management Console. It is recommended that you enable SSL/TLS security on the Management Console to protect username/password credentials from snooping. For detailed instructions on how to enable SSL/TLS security, please see the following reference:
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Experimente, compre e venda

Comunidades

Sobre a documentação da Red Hat

Ajudamos os usuários da Red Hat a inovar e atingir seus objetivos com nossos produtos e serviços com conteúdo em que podem confiar.

Tornando o open source mais inclusivo

A Red Hat está comprometida em substituir a linguagem problemática em nosso código, documentação e propriedades da web. Para mais detalhes veja oBlog da Red Hat.

Sobre a Red Hat

Fornecemos soluções robustas que facilitam o trabalho das empresas em plataformas e ambientes, desde o data center principal até a borda da rede.

© 2024 Red Hat, Inc.