Details

Remove access for default and test users



Default username and passwords should not be used



NOTE: Please review the benchmark to ensure target compliance.


Solution

Navigate to Server directory, open realm.properties file and create a new user. If you want to just use the default test realm, its better to delete the default users that already exist in realm.properties file. In the same folder find the webdefault.xml and specify the security constraint for the newly created user.


This control applies to the following type of system Unix.


Source