1 Reply Latest reply on Feb 21, 2005 1:55 PM by starksm64

    secure jmx-console application with hashed password...

    ttdsuen1

      Dear All,

      I have just installed JBoss 4.0.1 on Windows XP, and I tried securing the jmx-console application in the following manner:

      (1) Uncomment the line in the jboss-web.xml in the default deployment directory,

      (2) Uncomment the security constraint in the web.xml

      (3) Modify the files: jmx-console-roles.properties, and jmx-console-users.properties

      I could get it working with plain text password in the users.properties files.
      For example:

      systemadmin=abc123 (original setting)
      systemadmin=E99A18C428CB38D5F260853678922E03

      However, when I tried putting md5/hex hashed password in the file to replace the original plain text, and add

      <module-option name="hashAlgorithm">MD5</module-option>
      <module-option name="hashEncoding">hex</module-option>

      in the login-config.xml, I could not login the console anymore. Does anyone know if I need to do anything not mentioned in the documentation?

      -Daniel.