000011656 - FIM- fimconfig console access is not protected

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011656
Applies ToFederated Identity Management Module 4.1
Weblogic 10 Appserver
Issue FIM- fimconfig console access is not protected
The FIM console access is not protected; when the fimconfig URL is accessed, the user is not challenged to present credentials. The parameter fimconfig.ootb.rbac.enabled=truen is enabled in the fim.properties file and the users have been loaded with the cliCreateUserGroupsForWLS verified in myrealms.
CauseWhen the FIM ear file was deployed the wrong security model was chosen in the "Install Application Assistant".   
ResolutionIn the security section where it asks "What security model do you want to use with this application?" Choose the first option:
-DD Only: Use only roles and policies that are defined in the deployment descriptors.
Legacy Article IDa55614

Attachments

    Outcomes