000033806 - Changing default Websphere settings in RSA Adaptive Authentication (OnPrem) 7.1

Document created by RSA Customer Support Employee on Aug 31, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033806
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Product/Service Type: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.1
IssueAs per business requirement, customer is planning to change the following Websphere settings from default(true) to false. Customer would like to understand if there any impact to Adaptive Authentication applications(both core and backoffice).
- fileServingEnabled
- directoryBrowsingEnabled
- serveServletsByClassnameEnabled
NotesRSA engineering team have tested the settings. The result is as follows:
- fileServingEnabled=false
This parameter is used to indicate whether static content are served by application deployed on WebSphere. If the parameter is set to false (fileServingEnabled=false), AAOP Back Office applications will not function e.g. images are not loaded and JavaScript events also not working and user will not be able to login to back office.
Impact: Yes. Adaptive Authentication applications needs static contents to be served by application in order for back office applications to function.
- directoryBrowsingEnabled=false
As a typical best practice of WebSphere setup, this parameter is recommended to set to false in order to prevent directory browsing.
Impact: No
- serveServletsByClassnameEnabled=false
This parameter allows a servlet to be served via a URI by class package and class name. Typical feature used in development but not in production mode.
Impact: No