[jboss-user] [JBoss Portal] - Security Lockdown

halversp do-not-reply at jboss.com
Tue Jul 25 09:57:30 EDT 2006

I'm trying to lock down our 2.4 portal server by removing all unneeded JBoss services and interfaces (RMI invokers, JMS stuff, tomcat AJP listeners, etc).  Has anyone done this before? Is it documented anywhere what the minimal set of services JBP needs?  If not, can someone identify which (if any) of the following standard JBoss services are needed by JBP?

  | *  RMI/JRMP/HTTP invokers (port 4444)
  | *  WebService access for remote classloading (8083)
  | *  remote JNDI access (1098,1099)
  | *  JBoss MQ
  | *  JBoss WS
Does clustering have any additional service requirements?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3960691#3960691

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3960691

More information about the jboss-user mailing list