[jboss-user] [Management, JMX/JBoss] - Re: Securing JMX console (JBoss)
PeterJ
do-not-reply at jboss.com
Thu Apr 3 14:38:04 EDT 2008
In XML files, comments are formed as follows:
<!-- this is a comment -->
In the web.xml file for the jmx console, move the
-->
line that appears after the security-constraint end tag to before the security-constraint start tag. It should then look like this:
<!-- A security constraint that restricts access to the HTML JMX console
| to users with the role JBossAdmin. Edit the roles to what you want and
| uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
| secured access to the HTML JMX console. --> <security-constraint>
| <web-resource-collection>
| <web-resource-name>HtmlAdaptor</web-resource-name>
| <description>An example security config that only allows users with the
| role JBossAdmin to access the HTML JMX console web application
| </description>
| <url-pattern>/*</url-pattern>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>JBossAdmin</role-name>
| </auth-constraint>
| </security-constraint>
|
| <login-config>
| . . .
The line in red is the one that was moved.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4141470#4141470
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4141470
More information about the jboss-user
mailing list