Tomcat 7 hardening in Windows IDP server shows access to the /manager/html link
This document (7012003) is provided subject to the disclaimer at the end of this document.
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Support Pack 1 applied
NetIQ Access Manager 3.2 Admin Console on Windows 2008 Server
Windows Admin Console installer on Windows is using a silent installer of tomcat, which installs tomcat manager. Unlike the Linux IDP server or Access Gateway, tomcat is not hardened and some of the services that should not be there are indeed there.
These files from the /manager folders can be manually deleted without impacting NAM functionality.
Modifying web.xml is also an option to prevent access, but deleting the files is the recommended approach.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7012003
- Creation Date:22-MAR-13
- Modified Date:22-MAR-13
- NetIQAccess Manager (NAM)
Did this document solve your problem? Provide Feedback