4 Replies Latest reply on Aug 26, 2004 6:56 PM by awamser

    secure web console

    awamser

      There is what I've done so far...

      1. moved web-console.war to new dir and extracted it (jav -xvf web-console.jar)

      2. edit web.xml -> uncomment the security-constrint block
      edit jboss-web.xml -> uncomment the security-domain block.

      3. edit user properties file and set admin=

      4. recreated the war file (jar -cvf web-console.war *) and replaced the old.

      When I start jboss and try to access the web-console I get an invalid password error. Did I miss something? Also I did follow the same steps and didn't have any problems in securing the jmx-console.

      The environment is jboss 3.2.5 running on linux.

        • 1. Re: secure web console
          awamser

          I've also tried to rename the users and roles properties files. When jboss loads I am seeing the following error messaegs on the console.

          21:20:26,471 INFO [NamingService] Started jnpPort=1099, rmiPort=1098, backlog=50, bindAddress=/0.0.0.0, Client SocketFactory=null, Server SocketFactory=org.jboss.net.sockets.DefaultSocketFactory@ad093076
          21:20:27,566 ERROR [STDERR] Warning: validation was turned on but an org.xml.sax.ErrorHandler was not
          21:20:27,567 ERROR [STDERR] set, which is probably not what is desired. Parser will use a default
          21:20:27,568 ERROR [STDERR] ErrorHandler to print the first 10 errors. Please call
          21:20:27,568 ERROR [STDERR] the 'setErrorHandler' method to fix this.
          21:20:27,569 ERROR [STDERR] Error: URI=null Line=115: The content of element type "authentication" must match "(login-module)+".

          • 2. Re: secure web console
            starksm64

            You have broke the login-config.xml file with an invalid element.

            • 3. Re: secure web console
              awamser

              I added the web-console-users.properties to the web-console policy.

              <application-policy name = "web-console">

              <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
              flag = "required" />
              <module-option name="usersProperties">web-console-users.properties</module-option>
              <module-option name="rolesProperties">web-console-roles.properties</module-option>

              </application-policy>

              • 4. Re: secure web console
                awamser

                Now that I've posted the xml I noticed what I missed! There's </login-module>, it's always the little things!

                <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                flag = "required" />
                <module-option name="usersProperties">web-console-users.properties</module-option>
                <module-option name="rolesProperties">web-console-roles.properties</module-option>
                </application-policy>

                it should look like this...

                <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                flag = "required">

                <module-option name="usersProperties">web-console-users.properties</module-option>
                <module-option name="rolesProperties">web-console-roles.properties</module-option>
                </login-module>
                </application-policy>