Removing or Protecting Development and Debug Tools

Before you deploy IDM in production, remove or protect development and debug tools, including the Felix web console that is exposed under /system/console. Authentication for this console is not integrated with authentication for IDM.

To remove the Felix web console:

  1. Remove the web console bundle and all of the plugin bundles related to the web console: 

    rm /path/to/openidm/bundle/org.apache.felix.webconsole*.jar
rm /path/to/openidm/bundle/openidm-felix-webconsole-7.1.6.jar

  2. Remove the felix.webconsole.json configuration file from your project's conf/ directory: 

    rm /path/to/project-dir/conf/felix.webconsole.json

To protect access to the Felix web console, change the credentials in your project's conf/felix.webconsole.json file. These properties can be set using property substitution. This file contains the username and password to access the console, by default: 

{
  "username" : "&{openidm.felix.webconsole.username|admin}",
  "password" : "&{openidm.felix.webconsole.password|admin}"
}
Read a different version of :