Question
Pegasystems Inc.
AU
Last activity: 30 Aug 2017 6:15 EDT
What is the usage of the SMA Prompt for Credential
Hi there,
We need to secure SMA, and so far we can secure the web URI via Web.xml. However, we are not clear as to the use of the "Always Prompt for Credentials" and "Always Use the Following Credentials"
We can enter any text or not provide anything and it still gets through.
Is there usage of this feature in relation to security.
Regarsd
Seri
Message was edited by: Lochana to add a Category
-
Like (0)
-
Share this page Facebook Twitter LinkedIn Email Copying... Copied!
Pegasystems Inc.
US
Please refer to any installation guide: https://pdn.pega.com/support-resources/deployment-upgrades/deployment-guides to understand how to secure SMA (i.e., search for PegaDiagnosticUser).
Atos Syntel
IN
check this - Re: Questions to Admin/pw in SMA
Updated: 16 Feb 2016 9:17 EST
Pegasystems Inc.
AU
Hi Dillipan,
I have secured the Servlet via the usual web.xml security constraint configuration and it works. However, once we are in the SMA and log-off, then log on again via
Click here | to connect to the System Management Application |
- with the prompting for user/password authentication mode set, I can still enter invalid user/pwd or not provide user/pwd and I can still get in. Is this the expected behavior which makes no-sense?
Regards
Seri
Atos Syntel
IN
Could you please check if JVM argument - "-Dcom.sun.management.jmxremote.authenticate" is set to false in your server ?
if it is set to false then the scenario you have mentioned might happen.
Pegasystems Inc.
AU
Hi Dilipan,
I guess the user/pwd are for JMX only (not local JVM connection) and so configuration would need to have
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access
I am trying to see if this will work just for JMX.
Regards
Seri
Atos Syntel
IN
Yes, the user/pwd are for JMX only as SMA uses JMX and Mbeans.
Common Wealth Bank of Australia
AU
Hi Seri,
Were you able to lock the SMA using the above changes in the jvm arguments. Because we also are trying to secure the SMA and it doesn't seems to be working.
Regards,
Karthik
Common Wealth Bank of Australia
AU
By configuring the below
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.password.file=/opt/tomcat/conf/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=/opt/tomcat/conf/jmxremote.access
I am able to enable the authentication for Remote connection SMA using JMX. But how to control the edit icon/delete icon beside the node & the Add node icon on the left pane of the SMA.
Refer to discussion mentioned by Dilipan