How to disable prsysmgmt?
Hello,
env:
Pega 7.22
Tomcat
What's the best practice method to disable prsysmgmt web page?
Can I move opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml to a different filename?
Or remove it totally?
I've read "Chapter 3: SMA Security" in SMA Reference Guide v6.2, but those steps don't seem to working. (I'm not prompted for any auth after implementing)
Thank you for any suggestions.
Matt
***Updated by moderator: Lochan to add Categories***
Pegasystems Inc.
US
Hi Matt,
If you don't want to use it, can you just undeploy it? Remove the war corresponding to the prsysymgmt from tomcat's webapps folder and restart the tomcat, this should undeploy the application.
Thanks,
Mukul
Welltok
US
Currently, I have moved /opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml to a different filename, restarted tomcat,
and now I get a HTTP 404 return code. Which is good.
Welltok
US
Mukul,
Thanks for the advice.
In what situations would I need prsysmgmt UI? Can I accomplish the same tasks from the command line of the ec2 instance the pega app is running on?
Thanks!
Pegasystems Inc.
US
Hi Matt,
You need prsysmgmtui to check the system configuration and the components health. For example you can check the runtime env for the node or check if the system or custom agents are running properly or not. EC2 command line tool is for dev ops work to monitor and configure the infrastructure for the server or instance. So, both of these are used for different purpose. Prsysmgmt is to manage the product level components and ec2 is for infrastructure level management.
Thanks,
Mukul
Welltok
US
Thanks Mukul,
One last question, and I'll stop bugging you!
Is there command line tool equivalent for prsysmgmt? I'd prefer not to use a UI to manage the product level components.
-Matt
Pegasystems Inc.
US
Hi Matt,
No problem. Feel free to raise a question, if we can not answer it here and need more digging into the artifacts we may ask you to ope a SR.
I am not sure if there is any other tool, I will check and let you know.
What is your concern behind not using the SMA?
Thanks,
Mukul
Welltok
US
My concern for using SMA is this: I don't want to expose the prsysmgmt UI/page to the public. I know I can enable auth, but I'd rather have it not viewable at all, if I don't need the functionality.
AEGIS Insurance Services, Inc
US
Instead of just removing the web.xml, the prsysmgmt.war should be undeployed from the app server. This will ensure that:
1) none of the code runs accidentally
2) the deployed app doesn't use up the server resources
3) no security holes are left open for exploitation.
Instead of just moving opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml, remove the entire prsysmgmt directory from under opt/tomcat/webapps