[wsas-java-dev] Security improvements to WSAS
James Clark
james at wso2.com
Mon Feb 5 23:33:17 PST 2007
> So, the admin user's password has to be entered for the first time when
> WSAS is started up. WSAS will not start up until this is set. It is a
> small price to pay for a more secure application.
>
> What do you think about this approach? Is there a better approach?
Making initial startup non-interactive is not acceptable. Things need
to be automatable. In the Linux world at least, both initial package
installation and system startup are not expected to require user
interaction.
Possibilities I can think of:
a) provide a command-line tool that sets the initial password; the admin
would need to run this command explicitly before WSAS would startup; it
would be able to read the password from stdin, so it wouldn't have to be
run interactively
b) generate a random default password on installation and write it to a
file that is readable only by root (or whoever ran the installation); on
first login require the admin to enter that password and change it to
another password
The problem with both these is discoverability. How can we make it easy
for the admin to discover what they have to do to get started? Can we
arrange that if the admin hasn't logged in yet, then going to the admin
URL will just display a (non-password protected) page telling the admin
what they need to do?
James
More information about the Wsas-java-dev
mailing list