[jboss-jira] [JBoss JIRA] Closed: (JBAS-4167) JMX Console not secured by default
[ http://jira.jboss.com/jira/browse/JBAS-4167?page=all ]
Dimitris Andreadis closed JBAS-4167.
------------------------------------
Fix Version/s: (was: JBossAS-4.2.0.CR1)
Resolution: Rejected
Ryan, I'm not going to fix this. I've changed the default binding to localhost as
a compromise. Locking up the consoles with password and stuff is a responsibility of
whoever installs the server (installer, installation script, whatever).
JMX Console not secured by default
----------------------------------
Key: JBAS-4167
URL: http://jira.jboss.com/jira/browse/JBAS-4167
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Reporter: Ryan Campbell
Assigned To: Dimitris Andreadis
The jmx and web consoles should be inaccessible to remote hosts by default upon
installation. However, I just installed the alpha build and was able to access the jmx
console remotely. Steps to reproduce
./run.sh -b $MYTESTIP
Everything starts up correctly. However, I can access $MYTESTIP:8080/jmx-console from my
browser without restriction
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira