8:43 a.m.
Review the out of the box security settings
-------------------------------------------
Key: AS7-1710
URL: https://issues.jboss.org/browse/AS7-1710
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.0.2.Final
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:33 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1710) Review the out of the box security settings
[
https://issues.jboss.org/browse/AS7-1710?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1710:
----------------------------------
Priority: Critical (was: Major)
Fix Version/s: 7.1.0.Beta1
(was: 7.0.2.Final)
Review the out of the box security settings
-------------------------------------------
Key: AS7-1710
URL: https://issues.jboss.org/browse/AS7-1710
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.0.Beta1
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:41 p.m.
New subject: [JBoss JIRA] (AS7-1710) Review the out of the box security settings
[
https://issues.jboss.org/browse/AS7-1710?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1710:
------------------------------
Priority: Blocker (was: Critical)
Beta needs to be locked down, so making this a blocker
Review the out of the box security settings
-------------------------------------------
Key: AS7-1710
URL: https://issues.jboss.org/browse/AS7-1710
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Blocker
Fix For: 7.1.0.Beta1
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:52 p.m.
New subject: [JBoss JIRA] (AS7-1710) Secure the management interfaces by default
[
https://issues.jboss.org/browse/AS7-1710?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1710:
----------------------------------
Summary: Secure the management interfaces by default (was: Review the out of the
box security settings)
Description:
The two management interfaces will be secured by default out of the box, this is prevent
accidentally making management operations available publicly.
The properties based realm has already been updated to support pre-hashed passwords and a
utility script has been provided for generating the hashes, also changes to the properties
file are now detected at runtime so the users can be added after the AS instance has been
started.
The script can be called as: -
bin\digest-password.sh username realm password
The default realm unless changed is 'ManagementRealm'. The output from the script
can be re directly into the corresponding mgmt-users.properties
Secure the management interfaces by default
-------------------------------------------
Key: AS7-1710
URL: https://issues.jboss.org/browse/AS7-1710
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Blocker
Fix For: 7.1.0.Beta1
The two management interfaces will be secured by default out of the box, this is prevent
accidentally making management operations available publicly.
The properties based realm has already been updated to support pre-hashed passwords and a
utility script has been provided for generating the hashes, also changes to the properties
file are now detected at runtime so the users can be added after the AS instance has been
started.
The script can be called as: -
bin\digest-password.sh username realm password
The default realm unless changed is 'ManagementRealm'. The output from the
script can be re directly into the corresponding mgmt-users.properties
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4747
days inactive
4815
days old
3 comments
3 participants
participants (3)
-
Darran Lofthouse (JIRA) -
Darran Lofthouse (Updated) (JIRA)
-
Jason Greene (Updated) (JIRA)