Skip to content
Catalogs
XCCDF
Application Server Security Requirements Guide
SRG-APP-000148
The application server must use an enterprise user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users).
The application server must use an enterprise user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users). An XCCDF Rule
The application server must use an enterprise user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users).
Medium Severity
<VulnDiscussion>To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store which is either local (OS-based) or centralized (LDAP) in nature.
To ensure support to the enterprise, the authentication must utilize an enterprise solution.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>