Locking Down Geronimo


Geronimo ships with default settings and configurations tuned for ease of use. In most cases they are not designed to provide a secured server out of the box.

In a production environment, administrators and system integrators should be aware of potentially exploitable defaults and perform a lockdown of the server.

Based on experience working with Geronimo, here is a short punch list to consider before making your server available in a production environment:

  • Change the administrator username and password. The var/security/users.properties and var/security/groups.properties files define the user system with the password manager and place it in the admin group. Consider changing the username and password and placing this new user in the admin group.

  • Consider running Geronimo behind a Web server running mod_jk or equivalent. This lets you pass only certain URLs through to the Web component, which can prevent outsiders from reaching the console or other private applications.

  • Change the Apache Directory server’s administrator password. The admin user’s DN is uid=admin,ou=system and the password is secret.

  • Consider changing the port the Apache Directory server runs on. It currently runs on port 1389 to avoid needing superuser privileges to bind the well-known LDAP port 389.

  • Examine the list of components that come with Geronimo and decide if they are really necessary. Do you really need the LDAP server? Do you really need all of the demo applications running?

  • Examine the ActiveMQ JMS topics and queues. Are they secure? Are any open? Do you need to change credentials to access these queues?

As a final general note, always remember your firewall. Open only those ports your users need to reach your applications on Geronimo.
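The first item on the list (the default system/manager administrator) is easy to verify mechanically. The script below is an added example, not from the book or the Geronimo project: it reports whether the shipped administrator is still active and rotates it to a new admin user. It assumes users.properties holds plain-text `user=password` lines and groups.properties holds `group=user1,user2` lines, as the text describes; the sample files it writes under a temporary GERONIMO_HOME are constructed to mirror those defaults so the check runs offline.

```shell
#!/bin/sh
# Added lockdown helper (example only, not Geronimo's own tooling).
# Assumed formats: users.properties  -> user=password   (plain text)
#                  groups.properties -> group=user1,user2,...

GERONIMO_HOME="${GERONIMO_HOME:-${TMPDIR:-/tmp}/geronimo-lockdown-demo}"
USERS_FILE="$GERONIMO_HOME/var/security/users.properties"
GROUPS_FILE="$GERONIMO_HOME/var/security/groups.properties"

# Constructed sample install reproducing the defaults described in the text,
# so the script can be exercised offline. Point GERONIMO_HOME at a real
# install to audit that instead of the sample.
make_sample_install() {
  mkdir -p "$GERONIMO_HOME/var/security"
  printf 'system=manager\nguest=guest\n' > "$USERS_FILE"
  printf 'admin=system\nusers=system,guest\n' > "$GROUPS_FILE"
}

# Print the members of group $1, one per line (nothing if the group is absent).
group_members() {
  grep "^$1=" "$GROUPS_FILE" | cut -d= -f2- | tr ',' '\n' | grep -v '^$'
}

# Finding check: exit 0 when "system" still uses the password "manager"
# AND is still a member of the admin group.
default_admin_present() {
  grep -q '^system=manager$' "$USERS_FILE" && group_members admin | grep -qx system
}

# Replace the default admin with user $1 / password $2: drop the "system"
# credential, add the new one, and rewrite every group membership that named
# "system" so the new user inherits exactly the same grants.
rotate_admin() {
  new_user="$1"; new_pass="$2"
  grep -v '^system=' "$USERS_FILE" > "$USERS_FILE.tmp" || :
  printf '%s=%s\n' "$new_user" "$new_pass" >> "$USERS_FILE.tmp"
  mv "$USERS_FILE.tmp" "$USERS_FILE"
  awk -F= -v old=system -v new="$new_user" 'BEGIN { OFS = "=" } {
      n = split($2, m, ","); out = ""
      for (i = 1; i <= n; i++) {
        u = (m[i] == old) ? new : m[i]
        out = out (out == "" ? "" : ",") u
      }
      print $1, out
    }' "$GROUPS_FILE" > "$GROUPS_FILE.tmp"
  mv "$GROUPS_FILE.tmp" "$GROUPS_FILE"
}

# Stand-alone demo: LOCKDOWN_DEMO=1 ./lockdown_audit.sh
if [ "${LOCKDOWN_DEMO:-}" = "1" ]; then
  make_sample_install
  if default_admin_present; then
    echo "FINDING: default administrator system/manager is still in the admin group"
  else
    echo "OK: default administrator has been replaced"
  fi
fi
```

Run it against a real install by exporting GERONIMO_HOME and calling `default_admin_present` from a deployment checklist; a non-zero exit from that function is the "clean" state, so it plugs straight into a pre-production gate. The rotation rewrites group lines with awk rather than sed so a username that happens to be a substring of another (system vs. system2) is never mangled.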




Professional Apache Geronimo
Professional Apache Geronimo (Wrox Professional Guides)
ISBN: 0471785431
Year: 2004
Pages: 148
