Hi,

If you install a jboss-4.0.4.GA default configuration using the installer jar the jmx-console servlet and the http-invoker servlet are both secured (admin user and admin as default password). If a client wants to get the initial naming context over HTTP with the following jndi properties

java.naming.factory.initial=org.jboss.naming.HttpNamingContextFactory
java.naming.factory.url.pkgs=org.jboss.naming
java.naming.provider.url=http://localhost:8080/invoker/JNDIFactory

an exception was thrown. With the security disabled http-invoker (modified jboss-web.xml and web.xml) an initial (naming) context can be created. It's not possible, to set the users credentials to the factory's properties. What's wrong? Is this a bug or a feature?

Regards, Matthias