Protect your OpenAM from outside access

Tagged: ,

This topic has 2 replies, 3 voices, and was last updated 4 years, 4 months ago by Scott Heger.

  • Author
    Posts
  • #21259
     guy_malachi
    Participant

    Hi,

    I’m using OpenAM V13.0 connected to multiple applications with OpenID.
    When user is being redirected to OpenAM for login he served by the server which running the OpenAM so he exposed to the login page of the OpenAM too (configuration, management etc..)

    How can i protect my OpenAM management site from outside access?

    Thanks,
    Guy

    #21260
     Bill Nelson
    Participant

    Hi @guy_malachi,

    The best practice is to secure OpenAM behind the firewall (i.e. make it inaccessible to the public) and place a reverse proxy (i.e. Apache) or OpenIG in the DMZ. You can then limit which URLs are exposed at the proxy layer and enforce additional controls behind the firewall.

    bill

    #21303
     Scott Heger
    Participant
Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?