As per business requirement, customer is planning to change the following Websphere settings from default(true) to false. Customer would like to understand if there any impact to Adaptive Authentication applications(both core and backoffice).
RSA engineering team have tested the settings. The result is as follows:
Impact: Yes. Adaptive Authentication applications needs static contents to be served by application in order for back office applications to function.
- directoryBrowsingEnabled=false As a typical best practice of WebSphere setup, this parameter is recommended to set to false in order to prevent directory browsing. Impact: No
- serveServletsByClassnameEnabled=false This parameter allows a servlet to be served via a URI by class package and class name. Typical feature used in development but not in production mode.