Securing the jmx-console in 4.0.3 SP1

ukumar Jan 25, 2006 1:56 PM

The need was to secure the jmx-console. I followed the procedure described in the documentation (Getting Started Guide and the Wiki Knowledge base) but kept getting a HTTP 403 error when I tried to access the console.

The problem went away only when I added the optional <login-config>
elements to the web.xml file in JBOSS-HOME/server/all/deploy/jmx-console.war/WEB-INF.

<login-config>
<auth-method>BASIC</auth-method>
</login-config>

Perhaps I did something wrong as the login-config is normally supposed to be optional. However after doing quite a bit of triaging I couldnt find anything wrong in the way I configured the server: hence this post.

1. Re: Securing the jmx-console in 4.0.3 SP1

carcher Feb 18, 2006 3:56 PM (in response to ukumar)

I had the exact same problem. Thanks for you post--it saved me quite a bit of time.
Actions
2. Re: Securing the jmx-console in 4.0.3 SP1

starksm64 Feb 19, 2006 12:01 PM (in response to ukumar)

Its not optional if you want a secured web deployment.
Actions
3. Re: Securing the jmx-console in 4.0.3 SP1

htbeast Apr 9, 2006 2:08 PM (in response to ukumar)

You're a hero. That part had me really stuck. The guide is good, although the "securing the jmx-console" section isn't.
Actions

Go to original post