Although the ping servlet is useful for remote debugging,
it might reveal sensitive server information. To protect sensitive
information, you can enable access for the servlet by using both basic
HTTP authentication and client network address filtering. After you
enable access to the ping servlet, you can check the status of the
application.
Before you begin
The ping servlet security feature is enabled in version 6.5.1
and later of
IBM® Rational® Focal Point™.
Procedure
- To configure the HTTP basic authentication role, in the
application server, assign the ping role:
- On Apache Tomcat: Create a user with the ping role.
- On IBM WebSphere® Application Server:
Map the ping security role to the users or groups.
For more information about assigning the ping role in Apache
Tomcat and WebSphere Application Server,
see the documentation for those servers.
- In Rational Focal Point,
specify the client network address that can access the ping servlet
option:
- Click .
- In the Networks With Access to the Ping Servlet field,
specify the range of network addresses by using CIDR notation. Use
commas or semicolons to separate the addresses.
Restrictions: - Both IPv4 and IPv6 network addresses are supported.
- By default, only localhost (127.0.0.1/32 or ::1/128) is allowed.
- If the configuration involves a load balancer or another proxy,
the address of that proxy must be in one of the configured network
address ranges.
What to do next
You can now check the status of
Rational Focal Point from
a web browser by using the commands. For more information, see “Commands
to monitor Rational Focal Point.”