3.10 WebSphere-specific security recommendations

This section contains application server configuration recommendations for securing WebSphere running LiveCycle.

    3.10.1 Disable directory browsing

    Set the directoryBrowsingEnabled property in the ibm-web-ext.xml file to false.

    3.10.2 Enable WebSphere administrative security

    1. Log in to the WebSphere Administrative Console.

    2. In the navigation tree, go to one of the following links:

      (WebSphere 6.1) Security > Secure administration, applications, andinfrastructure

      (WebSphere 7.0) Security > Global Security

    3. Select Enable administrative security.

    4. Deselect both Enable application security and Use Java 2 security.

    5. Click OK or Apply.

    6. In the Messages box, click Save directly to the master configuration.

    // Ethnio survey code removed