System Administration Guide: Basic Administration

Disabling Remote Access to the Oracle Java Web Console

You can prevent users from connecting to the console from remote systems. Starting with the Solaris 10 11/06 release, you can disable remote access only to the console, while leaving the other access permissions in place, by using the following procedure:

ProcedureHow to Disable Remote Access to the Oracle Java Web Console

  1. Become superuser or assume an equivalent role on the system where the console is running.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Set a property to prevent the console server from responding to network requests, and restart the console server.

    # svccfg -s svc:/system/webconsole setprop options/tcp_listen = false
    # smcwebserver restart

    After the restart the console now only responds to a browser on the same system as the console server process. You cannot use a proxy in the browser, only a direct connection. You can also use the https://localhost:6789/ URL to access the console.