ManjuPai Member since 2016 29 posts
Pai G
Posted: 3 years ago
Last activity: 2 years 9 months ago

How to secure SMA in Tomcat 8


We have seen SMA is not secure by default. Whenever we open SMA it does not ask for any credentials. When we configured SMA to always ask for credentials, I was assuming that it would take only the credentials that is configured in tomcat-users.xml (i.e., PegaDiagnosticUser). However, we have seen it takes whatever text we type which makes it unsecure.

We do not want someone to mess up the agent configs or do other administrative stuff apart from people who know PegaDiagnosticUser credentials. Kindly let me know how can we secure SMA.

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Security System Administration
Moderation Team has archived post
Share this page LinkedIn