Configuring jmx-console to only be accessible via SSL

alwyn Jun 3, 2003 7:21 AM

Hi,

How can you configure Jetty and the jmx-console so that jmx-console is only accessible via SSL, but any other apps are available via protocol of choice?

1. Re: Configuring jmx-console to only be accessible via SSL

jonlee Jun 3, 2003 7:45 AM (in response to alwyn)

This is really a servlet container question, rather than being JBoss specific. However, you would set your security constraint in the web.xml:

<security-constraint>
<web-resource-collection>
<web-resource-name>Access</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

Read further on web application web.xml configuration. Additionally, you will need to configure Jetty for SSL. See this FAQ:
http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t= also see http://jetty.mortbay.org for the definitive information on Jetty configuration.
Actions