PQ81764: Configuring the trusted mode to determine
private HTTP headers
Downloadable files
Abstract
Configuring the trusted mode to determine if
administrators can trust private HTTP headers or not
Download Description
IBM® WebSphere® Application Server has further tightened security by
introducing a configuration option that permits administrators to specify
if they trust private HTTP headers or not.
Carefully evaluate enabling the WebSphere Application Server internal HTTP
Transport in the trusted mode in the production environment to determine
if sufficient trust is established. When the trusted mode is enabled, the
WebSphere Application Server internal HTTP Transport allows the assertion
of the user identity by adding the client certificate to the HTTP header.
The Web server plug-in can use this feature to support client certificate
authentication. The HTTP header does not carry verifiable information that
WebSphere Application Server can use to determine the server identity that
asserts the client certificate. Establish a secure communication channel
with transport level authentication between the Web server plug-in and
WebSphere Application Server to avoid HTTP header spoofing. Configure the
trusted mode for each HTTP port independently, and disable it on any port
that client machines can access directly, whether from the Internet or the
intranet.
Requiring the Web server plug-in to establish a Secure Sockets Layer (SSL)
connection with client certificate authentication is a way to ensure that
only a trusted Web server plug-in asserts the user certificate. Also, use
a self-signed certificate so that only those servers that have the
self-signed certificate can establish a secure connection to the trusted
internal HTTP server port.
Other than SSL, you can use mechanisms such as Virtual Private Network
(VPN) and IPSec to protect the internal HTTP Transport from being accessed
by unauthorized users. The trusted mode is set to true by default. Perform
the following steps to add a custom transport property to disable the
trusted mode:
1. Using the administrative console, click Servers > Application
Servers > <server name> > Web Container > HTTP Transports
> <host> > Custom Properties.
2. Click New and enter the property name Trusted with the value of false.
3. Restart the server.
4. After the server restarts, a Transport where Trusted is set to false
does not accept client certificate assertion and returns an HTTP Error 403
with an error message in the log.
Requests through proxies such as the Web server plug-in are not permitted
to this port.
The HTTP transport on port 9080 is not configured to be trusted.
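
The following Python audit is an added example, not IBM code. It applies the rules described above (trusted mode is set per port and defaults to true) to a constructed, simplified configuration snippet; the XML element and attribute names are assumptions and must be adapted to the real configuration file.

```python
import xml.etree.ElementTree as ET

# Constructed sample. The layout (transports/address/properties, sslEnabled)
# is a simplified assumption, not a copy of a real WebSphere server.xml.
SAMPLE_CONFIG = """<webcontainer>
  <transports id="HTTPTransport_1" sslEnabled="false">
    <address host="" port="9080"/>
    <properties name="Trusted" value="false"/>
  </transports>
  <transports id="HTTPTransport_2" sslEnabled="true">
    <address host="" port="9443"/>
  </transports>
  <transports id="HTTPTransport_3" sslEnabled="false">
    <address host="" port="9090"/>
  </transports>
</webcontainer>"""


def audit_transports(xml_text):
    """Return one finding per HTTP transport found in the configuration."""
    findings = []
    root = ET.fromstring(xml_text)
    for transport in root.iter("transports"):
        address = transport.find("address")
        port = int(address.get("port")) if address is not None else None
        # Trusted mode is true by default, so a missing property means trusted.
        # Any value other than "false" is treated as trusted (conservative).
        trusted = True
        for prop in transport.findall("properties"):
            if prop.get("name") == "Trusted":
                trusted = prop.get("value", "").strip().lower() != "false"
        ssl = transport.get("sslEnabled", "false").lower() == "true"
        if not trusted:
            status = "ok: client certificate assertions are rejected"
        elif ssl:
            status = "review: trusted, confirm SSL client certificate authentication"
        else:
            status = "risk: trusted without SSL, restrict access to this port"
        findings.append(
            {"port": port, "trusted": trusted, "ssl": ssl, "status": status}
        )
    return findings


if __name__ == "__main__":
    for finding in audit_transports(SAMPLE_CONFIG):
        print(f"port {finding['port']}: {finding['status']}")
```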