Documentation - V-204748

V-204748

Application Server Security Requirements Guide

CAT II

Title

The application server must authenticate users individually prior to using a group authenticator.

Description

<VulnDiscussion>To ensure individual accountability and prevent unauthorized access, application server users (and any processes acting on behalf of application server users) must be individually identified and authenticated. A group authenticator is a generic account used by multiple individuals. Use of a group authenticator alone does not uniquely identify individual users. Application servers must ensure individual users are authenticated prior to authenticating via role or group authenti...

Fix Text (Documentation Requirement)

Configure the application server to authenticate users individually prior to allowing any group-based authentication.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel