There is what I've done so far...
1. moved web-console.war to new dir and extracted it (jav -xvf web-console.jar)
2. edit web.xml -> uncomment the security-constrint block
edit jboss-web.xml -> uncomment the security-domain block.
3. edit user properties file and set admin=
4. recreated the war file (jar -cvf web-console.war *) and replaced the old.
When I start jboss and try to access the web-console I get an invalid password error. Did I miss something? Also I did follow the same steps and didn't have any problems in securing the jmx-console.
The environment is jboss 3.2.5 running on linux.
Ignore this post, it was doubled posted...