0 Replies Latest reply on Jan 13, 2012 10:25 AM by esavidan

    Twiddle & RolesAuthorization

    esavidan

      Hi,

      I've followed the instructions from "Technical White Paper - JBoss Security" to secure the JMX layer.

      I met a problem when implementing the instructions described in chapter 4.2.1: Enable Access Control or Authorization for the JMX Invoker / Use case 1 / Use of AuthorizationInterceptor

      => My jmx-invoker-service.xml:

      <descriptors>
        <interceptors>
          <!-- Uncomment to require authenticated users -->
          <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
                       securityDomain="java:/jaas/jmx-console"/>
          <!-- Interceptor that deals with non-serializable results -->
          <interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor"
                       policyClass="StripModelMBeanInfoPolicy"/>
          <interceptor code="org.jboss.jmx.connector.invoker.AuthorizationInterceptor"
                       authorizingClass="org.jboss.jmx.connector.invoker.RolesAuthorization"/>
        </interceptors>
      </descriptors>

      => My jmx-console security domain:

        <application-policy name="jmx-console">
          <authentication>
            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                          flag="required">
              <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
              <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
              <module-option name="hashAlgorithm">MD5</module-option>
            </login-module>
          </authentication>
        </application-policy>

      => My jmx-console-roles.properties:

      <admin user>=JBossAdmin,HttpInvoker,UpdateAttributeRole,InvokeOpRole

      With this configuration, the twiddle.sh script cannot get information from JMX any more. For example:

      # twiddle.sh -u <admin user> -p <admin password> -s jnp://<xx.xx.xx.xx>:1099 get jboss.system:type=Server Started
      17:14:05,419 ERROR [Twiddle] Exec failed
      java.lang.ClassCastException: [Ljava.lang.String; cannot be cast to java.lang.String

      If I remove the org.jboss.jmx.connector.invoker.AuthorizationInterceptor interceptor, twiddle works fine again.

      Is this behavior normal?

      Thanks in advance for your help.

      Regards.

      Message was edited by: Eric Savidan

      Do you know if the following correction has been implemented in JBoss AS 5.1.0: https://issues.jboss.org/browse/JBPAPP-4039?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#issue-tabs ?