Security features within the cluster management console
The cluster management console in IBM® Spectrum Symphony includes several security features which you can enable for secure interactions.
Enable the following security features in the cluster management console by configuring the pmc.conf file:
- Prevent cross-site scripting (CSS) attacks in which malicious scripts are injected to trusted web sites.
- Prevent cross-site request forgery (CSRF) attacks, which force users to execute unwanted actions on a web application in which they are currently authenticated.
- Prevent user names and passwords from being stored in cookies.
- Enable access control to prevent access to certain files.
- Disable the auto-complete feature for password fields. If strongly required, you can enable auto-complete within your browser according to your browser's documentation.
Additionally, you can allow IBM Spectrum Symphony reports access to the database by using read-only database users to prevent users from modifying (inserting, updating, or deleting) custom report data. To configure this feature for the cluster management console, refer to the related topic for details.