Chapter 14 Removing Access to the Access Manager Console
In this scenario, you want to remove access to the Access Manager Administration Console, to prevent unauthorized users from accessing the Console.
Removing Access to the Console
To Remove Access to the Console
-
Locate the WEB-INF/web.xml file for your specific web container.
-
In the web.xml file, either comment out or remove all 11 references to the Access Manager Console servlets. For example:
... <!-- <servlet-mapping> <servlet-name>AuthServlet</servlet-name> <url-pattern>/authentication/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>AMBaseServlet</servlet-name> <url-pattern>/base/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>FSServlet</servlet-name> <url-pattern>/fed/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>WSServlet</servlet-name> <url-pattern>/webservices/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>SCServlet</servlet-name> <url-pattern>/service/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>RMServlet</servlet-name> <url-pattern>/realm/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>PMServlet</servlet-name> <url-pattern>/policy/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>IDMServlet</servlet-name> <url-pattern>/idm/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>UMServlet</servlet-name> <url-pattern>/user/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>DelegationServlet</servlet-name> <url-pattern>/delegation/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>DMServlet</servlet-name> <url-pattern>/dm/*</url-pattern> </servlet-mapping> --> ... -
Restart the web container for the changes in the edited web.xml file to take effect.
- © 2010, Oracle Corporation and/or its affiliates