You can use the wsadmin tool to restrict remote administration
so that administrators only manage nodes locally. This prevents the base node
from opening remote ports for the administrator. Each administrative connection
must occur from the local workstation.
Procedure
- Start the wsadmin scripting tool.
- Restrict remote access.
Run the following set of
commands for each server of interest to restrict remote access:
server=AdminConfig.getId('/Server:server1/')
AdminTask.setAdminProtocolEnabled(server, '[-conntype SOAP -enable false]')
AdminTask.setAdminProtocolEnabled(server, '[-conntype RMI -enable false]')
AdminTask.setAdminProtocolEnabled(server, '[-conntype JSR160RMI -enabled false]')
AdminTask.setAdminProtocol(server,'[-conntype IPC -mode local]')
- Restart each server.
Use the stopAllServers and startAllServers
commands in the AdminServerManagement script library to restart each server
configured with local access only, as the following example demonstrates:
AdminServerManagement.stopAllServers("myNode")
AdminServerManagement.startAllServers("myNode")