STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM WebSphere Traditional V9.x Security Technical Implementation Guide

V-255863

CAT II (Medium)

The WebSphere Application Server LDAP user registry must be used.

Rule ID

SV-255863r1051118_rule

STIG

IBM WebSphere Traditional V9.x Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000764

Discussion

To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store which is either local (OS-based) or centralized (LDAP) in nature. To ensure support to the enterprise, the authentication must utilize an enterprise solution.

Check Content

In the administrative console, click Security >> Global security.

If the "Available realm definitions" drop down box under the "User account repository" section is not set to "Standalone LDAP registry", this is a finding.

Fix Text

In the administrative console, click Security >> Global security.

Under "User account repository", click the "Available realm definitions" drop-down list.

Select "Standalone LDAP" registry.

Click "Configure".

Provide the Primary Administrative user name, type of LDAP server, hostname for the LDAP server, define the Base distinguished name.

Click "OK".

On "Global security" panel, click "Set as current".

Click "Apply".

Click "Save".

Recycle and synchronize the JVMS.