Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS Guide de l'utilisateur Page 61
- Page / 328
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Multi Server Management
1-39
Threat Prevention
The following table lists countermeasures that can be taken against possible security risks.
Table 1-14 Threat Countermeasures
Possible threat Countermeasures
Decryption of user IDs and passwords
- User ID and password protection
Exploitation of user IDs and passwords
- Setting an expiration date for the user ID and
password
Tampering of data recorded in the file
- Setting access permissions for the file storing the
information
- Periodic data backup
Exploitation of information recorded in files
- Setting access permissions for the file storing the
information
Countermeasures Against Decryption of User IDs and Passwords
In an environment open to the public like the Internet, user IDs or passwords may be decrypted on their
transmission route. The Interstage Management Console and Interstage Operation Tool implement
encryption of user IDs and passwords, but it is still possible for them to be decrypted. To minimize this
risk, set expiration dates for user IDs and passwords and change them periodically.
Countermeasures Against Exploitation of User IDs and Passwords
In an environment open to limited users like an intranet, it is not likely that user IDs and passwords will
be decrypted. Such an environment is often the management base of user ID and password
information, and user ID and password information is often saved in a file. If this file is accessible by
unauthorized users, there is a high risk of exploitation of user ID and password information. An effective
countermeasure against this threat is to set appropriate access permissions for files, storing user ID and
password information.
Countermeasures Against Tampering of Data Recorded In Files
To use the Interstage Management Console and Interstage Operation Tool, the Interstage HTTP Server
environment definition file is required. If the information in this file is tampered with, it may disable the
Interstage Management Console and Interstage Operation Tool and cause various problems. An
effective countermeasure against this threat is to set appropriate access permissions for this file. For
Solaris OE or Linux systems, refer to Enhancing Security (Protecting Interstage Resources) in Appendix
A.
Periodic backups are also effective. For backup information, refer to Maintenance (Resource Backup)
in the Interstage Operator's Guide.
- Security System Guide 1
- Trademarks 2
- Preface 3
- Table of Contents 7
- Part I 21
- Security Risks and Measures 21
- Chapter 1 23
- Security Risks 23
- Operation Tool 24
- Resource Possible threat 25
- J2EE Application 27
- Resources to be Protected 28
- Possible Security Risks 29
- Possible Countermeasures 31
- Web Services 33
- Database Linkage Service 34
- Periodic Backup 40
- OLTP Function 41
- Smart Repository 46
- Potential Security Threats 47
- Password Encryption 48
- Periodic Change of Passwords 48
- Operation by Limited Users 48
- Periodic Data Backup 49
- Interstage Single Sign-on 50
- Possible Threats 51
- Security Measures 52
- Application Programming 55
- Applying Patches 56
- Multi Server Management 57
- Configuration Model 58
- Threat Prevention 61
- Chapter 1: Security Risks 66
- Chapter 2 67
- Common Security Measures 68
- Notes on User Accounts 69
- Notes on Communication Data 69
- (Interstage HTTP Server) 70
- (InfoProvider Pro) 75
- Notes on the Use of Sessions 76
- SSL Encryption 80
- Definition 82
- About Authorization Settings 87
- About Errors and Exceptions 87
- Notes on IJServer Execution 89
- Repository 90
- Security Role Settings 92
- Part II 95
- Chapter 3 97
- Interstage HTTP Server 97
- Types of Authentication 98
- IP Access Control 99
- Online Collation 100
- Registering a User Password 101
- Relating Directives 103
- AuthName 104
- AuthType 104
- AuthUserFile 105
- <Directory> 105
- Require 106
- Operation without Using SSL 112
- Operation Using SSL 112
- Creating Entries 114
- Item Description 115
- AddModule 125
- AuthLDAPbasedn 125
- AuthLDAPBindDN 126
- AuthLDAPBindPassword 127
- AuthLDAPCertPath 127
- AuthLDAPEnabled 128
- AuthLDAPHost 128
- AuthLDAPPort 129
- AuthLDAPSecure 129
- AuthLDAPSlotPath 130
- AuthLDAPTknLbl 131
- AuthLDAPTknPwd 131
- LoadModule 134
- ServerRoot 136
- Part III 139
- Firewall and Proxy Server 139
- Chapter 4 141
- HTTP Tunneling 141
- HTTP Tunneling Mechanism 142
- HTTP Gateway Environment) 143
- Operating HTTP Tunneling 143
- HTTP Tunneling Setup 144
- Writing HTML 147
- Setting up HTTP Tunneling 148
- Parameter Name Meaning 149
- Java Applets 150
- Chapter 4: HTTP Tunneling 154
- Chapter 5 155
- HTTP Tunneling of J2EE 155
- Environment 157
- Property 157
- Meaning 157
- Chapter 6 161
- Linkage of the Proxy 161
- Part IV 163
- Authentication and Encrypted 163
- Chapter 7 165
- Certificate including 167
- Certificate without 167
- CA (Certification Authority) 168
- Configuring Environments 169
- Using PKCS#12 Data 170
- Registering a CRL 176
- Importing the PKCS#12 data 179
- Certificate Management 183
- Operation Begins 184
- Deleting a Certificate 184
- Chapter 8 185
- Command 185
- Management Environment 186
- Resource Registration 196
- Command Description 199
- Chapter 9 201
- Registering the User PIN 203
- General Operation of SSL 204
- CustomLog 213
- DocumentRoot 214
- ErrorLog 215
- LogFormat 217
- ScriptAlias 219
- ServerAdmin 220
- ServerName 220
- SetEnvIf 222
- SSLCertName 222
- SSLCICACertName 223
- SSLCipherSuite 224
- SSLEnvDir 226
- SSLExec 226
- SSLSlotDir 227
- SSLTokenLabel 227
- SSLUserPINFile 228
- SSLVerifyClient 229
- SSLVersion 230
- <VirtualHost> 232
- Chapter 10 233
- Operating the SSL Linkage 237
- Reference 238
- Command Definition 239
- Editing config File 240
- How to Use SSL with J2EE 243
- Chapter 11 243
- Chapter 12 247
- Repository Client and Server 249
- Part V 251
- Chapter 13 253
- Digital Signature Function 254
- Function 256
- SOAP Messages 257
- Communication via the Proxy 258
- Chapter 14 259
- Services (SOAP) 259
- Property name Value 260
- Operation 262
- Certificate Environment 263
- Using a CORBA/SOAP Gateway 273
- Chapter 15 275
- Setting User Information 278
- Preparing a Private-key 284
- Preparing a Site Certificate 290
- Preparing a Private Key 294
- Fault Codes 297
- Fault code Explanation 298
- Supported Algorithms 299
- Chapter 16 303
- System) 304
- Part VI 317
- Service 317
- Chapter 17 319
- Chapter 18 321
Produits connexes et manuels pour Serveurs Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS
Serveurs Red Hat NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION Guide d'installation
(142 pages)
(142 pages)
(32 pages)
Serveurs Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE Guide de l'utilisateur
(332 pages)
(332 pages)
Serveurs Red Hat NETSCAPE ENTERPRISE SERVER 6.1 - PROGRAMMER GUIDE TO SERVLETS Guide d'installation
(72 pages)
(72 pages)
Serveurs Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS Manuel d'installation
(92 pages)
(92 pages)
© 2020, manymanuals.fr. Tous droits réservés | 1.539 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels