3.3 Ensure Admin Console is either secured or removed - 'JBOSS_HOME/server/@PROFILE@/deploy/management'

Information

The Administration Console application must be secured so it is accessible by trusted administrators only. If this condition is not met, the application must be removed (deleted) from deployment.

Solution

To remove the Administration Console from deployment, delete the exploded SAR located here: JBOSS_HOME/server/@PROFILE@/deploy/admin-console.war/

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CAT|I, CSCv6|9.1

Plugin: Unix

Control ID: dfe3410c0e983ff8353a8ac2203f08360d36f33b5b1fa004d02a1e05865bf3cb