1.20 - Remove default roles from production servers - 'console-mgr default role != JBossAdmin|HttpInvoker|friend|guest'

Information

Remove, rename, or comment out the default role definitions in the default <application-policy> elements

Solution

Ensure the default role assignments have been removed, renamed, or commented out from the default properties files located in JBOSS_HOME/server/[PROFILE
]/conf/props/

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5, CAT|II

Plugin: Unix

Control ID: 1d1090f73d345edbf55903e2cc9064849abb2a49634b768354f6b33dc6bfe92a