[jboss-dev-forums] [Design of Security on JBoss] - Re: AS 4.2.0 binding to localhost

[roshan_ail]

This is a bloody nuisance.
I am running jboss from wtp in eclipse.
It doesn't invoke run.bat so the darn thing binds to localhost.

I had not paid attention to it cos I was using firefox.

I need to use fiddler under ie to debug and the developers who worked on ie7 also thought they were too smart and decided that localhost or 127.0.0.1 will not go through the proxy at all. So I have to use the machine name to access the application.

Now how how do I get wtp to bind jboss to 0.0.0.0? 
I haven't been able to figure that out yet.

I know I can run jboss from the console and attach the debugger, why should I have to do that if eclipse can launch jboss from within it.

Binding to localhost is a stupid solution to the problem of the jmx-console being open.
You should do what tomcat does with the manager application and not enable it until the user configures some security credentials for it.
That is a much more elegant solution and it doesn't create a nuisance as well.



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4136871#4136871

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4136871