4.2 Disabling non-essential anonymous access to services

Some LiveCycle server services permit unauthenticated (anonymous) invocation for some operations. This means that one or more operations exposed by the service may be invoked as any authenticated user or as no authenticated user at all.

  1. Log in to Administration Console by typing the following URL in a web browser:

            http://[host name]:[port]/adminui
  2. Click Services > Applications and Services > Service Management.

  3. Click the name of the service for which you want to disable anonymous access (for example, AuthenticationManagerService).

  4. Click the Security tab, deselect Anonymous Access Allowed, and click Save.

  5. Complete steps 3 and 4 for the following services:

    • AuthenticationManagerService

    • EJB

    • Email

    • JobManager

    • WatchedFolder

    • UsermanagerUtilService

    • Remoting

    • RemoteEvents

    • RepositoryProviderService

    • EMCDocumentumRepositoryProvider

    • IBMFilenetRepositoryProvider

    • FormAugmenter

    • TaskManagerService

    • TaskManagerConnector

    • TaskManagerQueryService

    • TaskQueueManager

    • TaskEndpointManager

    • LCMTMInvoker

    • UserService

    • WorkspaceSearchTemplateService

    • WorkspaceSingleSignOn

    • WorkspacePropertyService

    • OutputService

    • FormsService

    If you intend to expose any of these services for remote invocation, you should also consider disabling anonymous access for these services. Otherwise, any caller with network access to this service may invoke the service without passing valid credentials.

    Anonymous access should be disabled for any services that are not needed. Many internal services require anonymous authentication to be enabled because they need to be invoked by potentially any user in the system without being preauthorized.
