Dear All,
I have just installed JBoss 4.0.1 on Windows XP, and I tried securing the jmx-console application in the following manner:
(1) Uncomment the line in the jboss-web.xml in the default deployment directory,
(2) Uncomment the security constraint in the web.xml
(3) Modify the files: jmx-console-roles.properties, and jmx-console-users.properties
I could get it working with plain text password in the users.properties files.
For example:
systemadmin=abc123 (original setting)
systemadmin=E99A18C428CB38D5F260853678922E03
However, when I tried putting md5/hex hashed password in the file to replace the original plain text, and add
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">hex</module-option>
in the login-config.xml, I could not login the console anymore. Does anyone know if I need to do anything not mentioned in the documentation?
-Daniel.
Passwords are case sensitive as is the hashed form, and the hashed form uses lower case:
e99a18c428cb38d5f260853678922e03