JBoss AS is distributed by default as not secured (locked up).
If you want to work with locked up version you can try this easy way.
- Download Groovy script (source code at https://github.com/pskopek/sec-script).
- Install Groovy:
-- use http://groovy.codehaus.org/Download
-- use your OS favourite method: Fedora: yum install groovy - run: groovy securejboss.groovy <JBOSS SERVER HOME>
You can specify more then one JBoss Server Home directories. In that case common/deploy content will generate warning because it already is secured. - check output for possible problems (pay special attention to warnings)
Note: Always test your installation if it is secured properly.
The script currently supports JBoss AS 6.1.0.Final and 6.0.0.Final. Check later for JBoss AS 5 and 5.1 support.
Example on Fedora:
1. wget https://github.com/pskopek/sec-script/raw/master/script/securejboss.groovy
2. unzip -q ~/Downloads/jboss-as-distribution-6.1.0.Final.zip (already downloaded in $HOME/Downloads directory)
3. sudo yum install groovy
4. groovy securejboss.groovy jboss-6.1.0.Final/server/default/
Output example:
Working on ServerHome=jboss-6.1.0.Final/server/default/
JBoss AS Version: 6.1.0.Final
securing JBoss Security Domain: jmx-console
Done
securing jmx-console.war
Done
securing HttpInvoker
Done
securing JBoss Security Domain: JBossWS
Done
securing jbossws-console.war
Done
securing JMXConnector
Done
securing JBoss Security Domain: hornetq
Done
Comments