[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: How to secure the JMX Console?
sachin.parnami
do-not-reply at jboss.com
Fri Oct 24 23:17:14 EDT 2008
Hi Peter,
Here are the changes done by me in
default/conf/props/jmx-console-users.properties
| # A sample users.properties file for use with the UsersRolesLoginModule
| master=Sachin
default/conf/props/jmx-console-roles.properties
| # A sample roles.properties file for use with the UsersRolesLoginModule
| admin=JBossAdmin,HttpInvoker
|
default/deploy/jmx-console.war/WEB-INF/jboss-web.xml
| <jboss-web>
| <!-- Uncomment the security-domain to enable security. You will
| need to edit the htmladaptor login configuration to setup the
| login modules used to authentication users.
| -->
| <security-domain>java:/jaas/jmx-console</security-domain>
|
| </jboss-web>
|
default/deploy/jmx-console.war/WEB-INF/web.xml
| <!-- A security constraint that restricts access to the HTML JMX console
| to users with the role JBossAdmin. Edit the roles to what you want and
| uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
| secured access to the HTML JMX console.-->
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>HtmlAdaptor</web-resource-name>
| <description>An example security config that only allows users with the
| role JBossAdmin to access the HTML JMX console web application
| </description>
| <url-pattern>/*</url-pattern>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>JBossAdmin</role-name>
| </auth-constraint>
| </security-constraint>
|
|
|
I am using jboss-4.2.2.GA :)
Regards,
Sachin Parnami
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4184614#4184614
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4184614
More information about the jboss-user
mailing list