4.1 Disabling non-essential remote access to services

After LiveCycle is installed and configured, many services are available for remote invocation over SOAP, Enterprise JavaBeans™ (EJB), and (Deprecated for AEM forms) LiveCycle Remoting. The term remote, in this case, refers to any caller that has network access to the SOAP, EJB, or Action Message Format (AMF) ports for the application server.

Although the LiveCycle server services require valid credentials to be passed for an authorized caller, you should allow only remote access to the services that you need to be remotely accessible. To achieve limited accessibility, you should reduce the set of remotely accessible services to the minimum possible for a functioning system and then enable remote invocation for the additional services that you need.

LiveCycle server services always need at least SOAP access. These services are typically required for use by Workbench but also include services that are called by the Workspace web application.

Complete this procedure using the Applications and Services web page in Administration Console:

  1. Log in to Administration Console by typing the following URL in a web browser:

            http://[host name]:[port]/adminui

  2. Click Services > Applications and Services > Preferences.

  3. Set the Preferences to view up to 200 services and endpoints on the same page.

  4. Click Services > Applications and Services > Endpoint Management.

  5. Select EJB from the Provider list and then click Filter.

  6. To disable all EJB endpoints, select the check box beside each one in the list and click Disable.

  7. Click Next and repeat the previous step for all EJB endpoints. Ensure that EJB is listed in the Provider column before you disable endpoints.

  8. Select SOAP from the Provider list and then click Filter.

  9. To remove SOAP endpoints, select the check box beside each one in the list and click Remove. Do not remove the following endpoints:

    • AuthenticationManagerService

    • DirectoryManagerService

    • JobManager

    • event_management_service

    • event_configuration_service

    • ProcessManager

    • TemplateManager

    • RepositoryService

    • TaskManagerService

    • TaskQueueManager

    • TaskManagerQueryService

    • WorkspaceSingleSignOn

    • EventGenerationandReceipt

    • ApplicationManager

  10. Click Next and repeat the previous step for SOAP endpoints that are not in the above list. Ensure that SOAP is listed in the Provider column before you remove endpoints.

    // Ethnio survey code removed