The security features
within the cluster management console are
enabled by default. If you have disabled security features within the cluster management console and
now want to enable them, follow these steps.
Procedure
-
Open the pmc.conf file:
- Linux®:
$EGO_CONFDIR/../../gui/conf/pmc.conf
- Windows: %EGO_CONFDIR%\..\..\gui\conf\pmc.conf
-
Enable the following secure interactions for the cluster management console:
- Prevent cross-site scripting (CSS) attacks in which malicious scripts are injected to trusted
web sites.
- Prevent cross-site request forgery (CSRF) attacks, which force users to execute unwanted actions
on a web application in which they are currently authenticated.
- Prevent user names and passwords from being stored in cookies.
- Enable access control to prevent access to certain files.
Do this by locating the SECURITY
tag in the pmc.conf file
and setting its value to ON
. If the tag does not exist, add the tag. For
example:
-
Enable HTTP Strict Transport Security (HSTS) protocol for the cluster management console so that IBM® Spectrum Symphony always uses HTTPS
(Hypertext Transfer Protocol Secure) to access cluster management console.
Do this by locating the
HSTS
tag in the
pmc.conf file and
setting its value to
ON
. If the tag does not exist, add the tag. For
example:
HSTS=ON
-
Save your changes.
-
Stop and restart the WEBGUI service:
# egosh service stop WEBGUI
# egosh service start WEBGUI