STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

The WebSphere Application Server LDAP user registry must be used.

DISA Rule

SV-96013r1_rule

Vulnerability Number

V-81299

Group Title

SRG-APP-000148-AS-000101

Rule Version

WBSP-AS-001010

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

In the administrative console, click Security >> Global security.

Under "User account repository", click the "Available realm definitions" drop-down list.

Select "Standalone LDAP" registry.

Click "Configure".

Provide the Primary Administrative user name, type of LDAP server, hostname for the LDAP server, define the Base distinguished name.

Click "OK".

On "Global security" panel, click "Set as current".

Click "Apply".

Click "Save".

Recycle and synchronize the JVMS.

Check Contents

In the administrative console, click Security >> Global security.

If the "Available realm definitions" drop down box under the "User account repository" section is not set to "Standalone LDAP registry", this is a finding.

Vulnerability Number

V-81299

Documentable

False

Rule Version

WBSP-AS-001010

Severity Override Guidance

In the administrative console, click Security >> Global security.

If the "Available realm definitions" drop down box under the "User account repository" section is not set to "Standalone LDAP registry", this is a finding.

Check Content Reference

M

Target Key

3399

Comments