Last activity: 13 Oct 2017 14:46 EDT
How to disable prsysmgmt?
What's the best practice method to disable prsysmgmt web page?
Can I move opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml to a different filename?
Or remove it totally?
I've read "Chapter 3: SMA Security" in SMA Reference Guide v6.2, but those steps don't seem to working. (I'm not prompted for any auth after implementing)
Thank you for any suggestions.
***Updated by moderator: Lochan to add Categories***
Do you want to disable or secure the SMA page?
I would like to disable the SMA page. I don't use it.
If you don't want to use it, can you just undeploy it? Remove the war corresponding to the prsysymgmt from tomcat's webapps folder and restart the tomcat, this should undeploy the application.
Currently, I have moved /opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml to a different filename, restarted tomcat,
and now I get a HTTP 404 return code. Which is good.
Thanks for the advice.
In what situations would I need prsysmgmt UI? Can I accomplish the same tasks from the command line of the ec2 instance the pega app is running on?
You need prsysmgmtui to check the system configuration and the components health. For example you can check the runtime env for the node or check if the system or custom agents are running properly or not. EC2 command line tool is for dev ops work to monitor and configure the infrastructure for the server or instance. So, both of these are used for different purpose. Prsysmgmt is to manage the product level components and ec2 is for infrastructure level management.
One last question, and I'll stop bugging you!
Is there command line tool equivalent for prsysmgmt? I'd prefer not to use a UI to manage the product level components.
No problem. Feel free to raise a question, if we can not answer it here and need more digging into the artifacts we may ask you to ope a SR.
I am not sure if there is any other tool, I will check and let you know.
What is your concern behind not using the SMA?
My concern for using SMA is this: I don't want to expose the prsysmgmt UI/page to the public. I know I can enable auth, but I'd rather have it not viewable at all, if I don't need the functionality.
AEGIS Insurance Services, Inc
Instead of just removing the web.xml, the prsysmgmt.war should be undeployed from the app server. This will ensure that:
1) none of the code runs accidentally
2) the deployed app doesn't use up the server resources
3) no security holes are left open for exploitation.
Instead of just moving opt/tomcat/webapps/prsysmgmt/WEB-INF/web.xml, remove the entire prsysmgmt directory from under opt/tomcat/webapps