Secure PAS for OpenEdge instances
- Last Updated: March 16, 2023
- 2 minute read
- OpenEdge
- Version 12.2
- Documentation
This topic provides information about security configurations for PAS for OpenEdge instances.
Server security support includes standard Tomcat server functionality, the Spring Security Framework, plus OpenEdge security features and customizations.
The following is a list of security factors that you should consider before
running the production version of PAS for OpenEdge:
- TLS certificate: Add a valid key/certificate to your PAS for OpenEdge instance. Do not rely on the private key/ digital certificate sent by OpenEdge for testing in production. For more information, see Use TLS in PAS for OpenEdge.
- For server administration, add new users and assign PAS roles (
ROLE_PSC**). - Secure deployed management web applications, see Secure the Tomcat Manager and OpenEdge Manager web applications.
- File system access as described in Manage users and remote access.
- Use Remote access filters to control client IP addresses.
- Remote administration and monitoring as described in Secure online deployment of a new ABL application.
- ABL application client login model and user account source as described in Enable ABL application authentication .
- Disable HTTP in production instances.
Note: Never use a PAS for OpenEdge instance created in
development mode in a production environment. Use only PAS for OpenEdge instance created in
production mode for deployment in public facing production environment.