-
1. Re: Securing JMX Console
have you updated:
jboss-3.2.5/server/default/deploy_OR_all/jmx-console.war\WEB-INF/classes/jmx-console-users.properties
? -
2. Re: Securing JMX Console
Updated the following:
/jboss3.2.3/server/default/deploy/jmx-console.war/WEB-INF/classes/users.properties
I changed the username password as admin1=admin1 and also renamed the file to 'jmx-console-users.properties
After this i changed the names in login-config.xml as follows:
<application-policy name = "jmx-console">
<login-module code="org.jboss.security.auth.spi.BaseCertLoginModule" flag = "required">
<module-option name = "securityDomain">java:/jaas/jmx-console</module-option>
<module-option name = "rolesProperties">roles.properties</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
<module-option name = "usersProperties">jmx-console-users.properties</module-option>
<module-option name = "rolesProperties">jmx-console-roles.properties</module-option>
</login-module>
</application-policy> -
3. Re: Securing JMX Console
1. Locate the jmx-console.war directory. This will normally be in server/default/deploy in your JBOSS_HOME directory
2. edit WEB-INF/web.xml and uncomment the security-constraint block
3. edit WEB-INF/classes/jmx-console-users.properties and WEB-INF/classes/jmx-console-roles.properties and change the users and passwords to what you desire. They will need the JBossAdmin role specified in the web.xml file to run the JMX Console.
4. edit WEB-INF/jboss-web.xml and uncomment the security-domain block. The security-domain value of jmx-console maps is declared in the login-config.xml JAAS configuration file which defines how authentication and authorization is done.