Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS Betriebsanweisung Seite 72
- Seite / 328
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Chapter 2: Security Measures
2-6
Risk of Exploiting the HTTP TRACE Method
Malicious users (or machines) on the network may read private information in HTTP request data or
execute unwanted codes.
To prevent this risk, it is recommended to disable the HTTP TRACE method by specifying the following
lines in the Interstage HTTP Server environment definition file (httpd.conf):
The TRACE method is the HTTP/1.1 method of receiving the data sent from the client side as response
data. This method is used to diagnose the network environment. There is no problem in the Interstage
HTTP Server operation if this method is disabled because it not usually used.
LoadModule rewrite_module modules/mod_rewrite.so
AddModule mod_rewrite.c
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
LoadModule rewrite_module libexec/mod_rewrite.so
AddModule mod_rewrite.c
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
Add the setting to each virtual host as follows to disable the HTTP TRACE method when virtual hosts
are configured.
LoadModule rewrite_module modules/mod_rewrite.so
AddModule mod_rewrite.c
<VirtualHost 192.168.0.2>
ServerName virt.example.com
ServerAdmin [email protected]
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
...
</VirtualHost>
- Security System Guide 1
- Trademarks 2
- Preface 3
- Table of Contents 7
- Part I 21
- Security Risks and Measures 21
- Chapter 1 23
- Security Risks 23
- Operation Tool 24
- Resource Possible threat 25
- J2EE Application 27
- Resources to be Protected 28
- Possible Security Risks 29
- Possible Countermeasures 31
- Web Services 33
- Database Linkage Service 34
- Periodic Backup 40
- OLTP Function 41
- Smart Repository 46
- Potential Security Threats 47
- Password Encryption 48
- Periodic Change of Passwords 48
- Operation by Limited Users 48
- Periodic Data Backup 49
- Interstage Single Sign-on 50
- Possible Threats 51
- Security Measures 52
- Application Programming 55
- Applying Patches 56
- Multi Server Management 57
- Configuration Model 58
- Threat Prevention 61
- Chapter 1: Security Risks 66
- Chapter 2 67
- Common Security Measures 68
- Notes on User Accounts 69
- Notes on Communication Data 69
- (Interstage HTTP Server) 70
- (InfoProvider Pro) 75
- Notes on the Use of Sessions 76
- SSL Encryption 80
- Definition 82
- About Authorization Settings 87
- About Errors and Exceptions 87
- Notes on IJServer Execution 89
- Repository 90
- Security Role Settings 92
- Part II 95
- Chapter 3 97
- Interstage HTTP Server 97
- Types of Authentication 98
- IP Access Control 99
- Online Collation 100
- Registering a User Password 101
- Relating Directives 103
- AuthName 104
- AuthType 104
- AuthUserFile 105
- <Directory> 105
- Require 106
- Operation without Using SSL 112
- Operation Using SSL 112
- Creating Entries 114
- Item Description 115
- AddModule 125
- AuthLDAPbasedn 125
- AuthLDAPBindDN 126
- AuthLDAPBindPassword 127
- AuthLDAPCertPath 127
- AuthLDAPEnabled 128
- AuthLDAPHost 128
- AuthLDAPPort 129
- AuthLDAPSecure 129
- AuthLDAPSlotPath 130
- AuthLDAPTknLbl 131
- AuthLDAPTknPwd 131
- LoadModule 134
- ServerRoot 136
- Part III 139
- Firewall and Proxy Server 139
- Chapter 4 141
- HTTP Tunneling 141
- HTTP Tunneling Mechanism 142
- HTTP Gateway Environment) 143
- Operating HTTP Tunneling 143
- HTTP Tunneling Setup 144
- Writing HTML 147
- Setting up HTTP Tunneling 148
- Parameter Name Meaning 149
- Java Applets 150
- Chapter 4: HTTP Tunneling 154
- Chapter 5 155
- HTTP Tunneling of J2EE 155
- Environment 157
- Property 157
- Meaning 157
- Chapter 6 161
- Linkage of the Proxy 161
- Part IV 163
- Authentication and Encrypted 163
- Chapter 7 165
- Certificate including 167
- Certificate without 167
- CA (Certification Authority) 168
- Configuring Environments 169
- Using PKCS#12 Data 170
- Registering a CRL 176
- Importing the PKCS#12 data 179
- Certificate Management 183
- Operation Begins 184
- Deleting a Certificate 184
- Chapter 8 185
- Command 185
- Management Environment 186
- Resource Registration 196
- Command Description 199
- Chapter 9 201
- Registering the User PIN 203
- General Operation of SSL 204
- CustomLog 213
- DocumentRoot 214
- ErrorLog 215
- LogFormat 217
- ScriptAlias 219
- ServerAdmin 220
- ServerName 220
- SetEnvIf 222
- SSLCertName 222
- SSLCICACertName 223
- SSLCipherSuite 224
- SSLEnvDir 226
- SSLExec 226
- SSLSlotDir 227
- SSLTokenLabel 227
- SSLUserPINFile 228
- SSLVerifyClient 229
- SSLVersion 230
- <VirtualHost> 232
- Chapter 10 233
- Operating the SSL Linkage 237
- Reference 238
- Command Definition 239
- Editing config File 240
- How to Use SSL with J2EE 243
- Chapter 11 243
- Chapter 12 247
- Repository Client and Server 249
- Part V 251
- Chapter 13 253
- Digital Signature Function 254
- Function 256
- SOAP Messages 257
- Communication via the Proxy 258
- Chapter 14 259
- Services (SOAP) 259
- Property name Value 260
- Operation 262
- Certificate Environment 263
- Using a CORBA/SOAP Gateway 273
- Chapter 15 275
- Setting User Information 278
- Preparing a Private-key 284
- Preparing a Site Certificate 290
- Preparing a Private Key 294
- Fault Codes 297
- Fault code Explanation 298
- Supported Algorithms 299
- Chapter 16 303
- System) 304
- Part VI 317
- Service 317
- Chapter 17 319
- Chapter 18 321
Verwandte Produkte und Handbücher für Server Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS
Server Red Hat NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION Installationsanleitung
(142 Seiten)
(142 Seiten)
(32 Seiten)
Server Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE Betriebsanweisung
(332 Seiten)
(332 Seiten)
Server Red Hat NETSCAPE ENTERPRISE SERVER 6.1 - PROGRAMMER GUIDE TO SERVLETS Installationsanleitung
(72 Seiten)
(72 Seiten)
Server Red Hat NETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS Installationshandbuch
(92 Seiten)
(92 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.060 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern