The first step towards securing the Geronimo server environment is to secure access to the server installation directory, which we refer to as <GERONIMO_HOME>
. Some of the directories under <GERONIMO_HOME>
that contain sensitive information are:
var/config
: .Theconfig.xml
file under this directory may contain passwords and so on.var/security
: This directory containsusers.properties
andgroups.properties
files which contain the user credentials used by the default security realm,geronimo-admin
.var/security/keystores
: This directory contains cryptographic keystore files used by the server.var/derby
: This directory contains the databases created when using embedded Derby database server. This directory may also have aderby.properties
file containing user IDs and passwords for accessing the databases.var/repository
: The configuration directories created during deployment may have deployment plans, packaged as part of the archives, which...