Security considerations
You can take actions to ensure that your installation is secure, customize your security settings, and set up user access controls. You can also ensure that you know about any security limitations that you might encounter with this application.
- Enabling security during the install process
- Ports, protocols, and services
- Customizing your security settings
- Privacy policy considerations
Enabling security during the install process
AIX and Linux connections
AIX and Linux connections can be made through SSH or through the datastore communications server. Using the datastore communications server has many advantages. You need to protect the scripts used in the datastore communications server from unauthorized modification according to the security procedures you would normally employ on your server systems. These may include setting permissions on this files to ensure they are read-only, or by using access control lists.
See Connecting to a remote AIX server for some examples as to how to protect the files.
Ports, protocols, and services
For IBM i connections
Rational Developer for i opens several connections using the servers required by the IBM Toolbox for Java. The ports used by these servers are configured using the as-svrmap service and can be changed on the IBM i system. If you use SSL then a different set of secure ports is used. Information about the default ports can be found at http://publib.boulder.ibm.com/infocenter/iseries/v7r1m0/index.jsp?topic=/rzaii/rzaiiservicesandports.htm
| Service name | Description | Port number |
|---|---|---|
| as-central | Central server | 8470 |
| as-database | Database server | 8471 |
| as-dtaq | Data queue server | 8472 |
| as-file | File server | 8473 |
| as-rmtcmd | Remote command and program call server | 8475 |
| as-signon | Signon server | 8476 |
| as-svrmap | Server mapper | 449 |
| drda | DDM | 446 |
| Service name | Description | Port number |
|---|---|---|
| as-central-s | Secure central server | 9470 |
| as-database-s | Secure database server | 9471 |
| as-dtaq-s | Secure data queue server | 9472 |
| as-file-s | Secure file server | 9473 |
| as-netprt-s | Secure network print server | 9474 |
| as-rmtcmd-s | Secure remote command/ Program call server | 9475 |
| as-signon-s | Secure signon server | 9476 |
| ddm-ssl | DDM | 448 |
Rational Developer for i also attaches to the debug router which is at port 3825 by default. There is no SSL equivalent of this server, but if you are using secure communications for debug then Rational Developer for i tunnels to this port through SSH. The default port for SSH is 22.
For AIX and Linux Connections
Customizing your security settings
For IBM i connections
You can configure IBM i secure communications for a connection in Rational Developer for i from the properties page for that connection. Right-click on the connection, select Properties and look at the Connection page.
Instructions for setting up SSL communications can be found in Connecting to an IBM i server that is configured to use Secure Sockets Layer (SSL)
Privacy policy considerations
This software offering does not use cookies or other technologies to collect personally identifiable information. For additional information on cookies, see the Notices topic.
Password storage
Passwords are stored in Eclipse secure storage. This is an encrypted database stored locally on your workstation. Strong encryption is used. Eclipse secure storage is shared among multiple product installations. See Secure storage
Disabling the storing of passwords for IBM i Connections
You can prevent the storage of passwords for a particular connection. See Disabling password storage for IBM i connections