Security Recipe

  1. Consider disabling Java 2 security if you can guarantee, with high confidence, that you know what code is deployed on the server and who has access to it.
  2. If end-to-end encryption is not required, consider eliminating secure communications on an already secure part of the LAN. For example, if a web server is in the DMZ, the connection from it to the application servers may be secured, while all other connections behind the DMZ may be left unsecured.
  3. Monitor the utilization of the authentication cache and increase its size if it fills up and heap space is available. Also consider increasing the cache timeout.
  4. Consider changing administrative connectors from SOAP to RMI to utilize persistent connections.
  5. If using LDAP:
    1. Select the reuse connection option.
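
An added read-only wsadmin Jython audit script (not from the original document) that reports the configured values behind items 1, 3 and 5 so the recipe can be checked against a cell before anything is changed; it assumes a single cell with one Security object and that the security.xml attribute names `enforceJava2Security`, `cacheTimeout` and `reuseConnection` and the custom property `com.ibm.websphere.security.util.authCacheSize` apply to the target version.

```jython
# Added example, not from the original document. Run against a running
# deployment manager or stand-alone server with:
#   wsadmin.sh -lang jython -f auditSecurityRecipe.py
# Assumed attribute names: enforceJava2Security, cacheTimeout, reuseConnection
# and the custom property com.ibm.websphere.security.util.authCacheSize.

AUTH_CACHE_SIZE_PROP = 'com.ibm.websphere.security.util.authCacheSize'

def attr(obj, name):
    # showAttribute raises if the attribute is absent on this version; report None
    try:
        return AdminConfig.showAttribute(obj, name)
    except:
        return None

def first(cfgList):
    # AdminConfig.list returns a newline-separated string, possibly empty
    lines = cfgList.splitlines()
    if len(lines) == 0:
        return None
    return lines[0]

# Item 1: is Java 2 security enforced?
sec = first(AdminConfig.list('Security'))
if sec is None:
    print 'No Security object found in this cell'
else:
    print 'Java 2 security enforced:      %s' % attr(sec, 'enforceJava2Security')

    # Item 3: authentication cache timeout (seconds) and optional size override
    print 'Authentication cache timeout:  %s s' % attr(sec, 'cacheTimeout')
    cacheSize = 'default (no custom property set)'
    for prop in AdminConfig.list('Property', sec).splitlines():
        if attr(prop, 'name') == AUTH_CACHE_SIZE_PROP:
            cacheSize = attr(prop, 'value')
    print 'Authentication cache size:     %s' % cacheSize

# Item 5: connection reuse on each configured LDAP registry
registries = AdminConfig.list('LDAPUserRegistry').splitlines()
if len(registries) == 0:
    print 'No LDAP user registry configured'
for reg in registries:
    print 'LDAP registry realm=%s reuseConnection=%s' % (
        attr(reg, 'realm'), attr(reg, 'reuseConnection'))
```

Cache utilization itself is a runtime value rather than a configuration attribute, so this script only shows the configured timeout and size; compare those against the monitoring data mentioned in item 3.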

For more details, see the Security section of the WAS traditional Profile chapter.