8 Replies Latest reply on Oct 5, 2012 1:05 AM by sunilkumarsh

    Need help

    ankurgupta.ipec

      Hi,

       

      While scanning on my server, vulnerabilities have been found on my server.

       

      Below is the report:-

       

       

      Port | Severity | CVSS Base | Vulnerability | Solution | Action / Business Justification | Screen Shot File Name
      ---- | -------- | --------- | ------------- | -------- | ------------------------------- | ---------------------
      8080 | High | 7.5 | Jboss HttpAdaptor JMXInvokerServlet is Accessible to Unauthenticated Remote Users | Restrict access to the HttpAdaptor JMXInvokerServlet | |
      8080 | High | 7.5 | Jboss EJMXInvokerServlet is Accessible to Unauthenticated Remote Users | Restrict access to the EJMXInvokerServlet | |
           | Medium | 5 | TCP Sequence Number Approximation Based Denial of Service | | |
      8080 | Medium | 6.8 | Slow HTTP Headers Vulnerability | Solution is server-specific. Countermeasures for Apache are described here: http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos | |
      8080 | Medium | 6.8 | Slow HTTP POST Vulnerability | | |


      Please advise me how I can resolve it.

        • 1. Re: Need help
          wdfink

          Hi Ankur,

          welcome to the forum.

          I will give you some general hints: a 'need help' subject will be useless, as anybody here is looking for help or has a problem.

          You should give a description of what the problem is, what JBoss version you use and what you want to achieve.

          From your post I suppose that you have a JBoss installed and the admin interfaces are not secured, is that your issue?

          Is the JBoss publicly accessible? Otherwise it might not be a problem.

          • 2. Re: Need help
            ankurgupta.ipec

            Hi Flink,

             

            Thank you very much for your reply and your kind advice & hints.

            Yeah, I have installed Jboss-6.0.0.0 and I want to secure the admin console;
            this server is publicly accessible, so I want to secure it.

             

            Please suggest me further.

             

            Thanks & Regards

            Ankur Gupta

            • 3. Re: Need help
              wdfink

              Have a look at

              https://community.jboss.org/wiki/SecureTheJmxConsole

              or

              http://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/Inspecting_the_Server___the_JMX_Console_Web_Application-Securing_the_JMX_Console.html

              Also you might remove unnecessary services from the installation, see this guide:

              https://community.jboss.org/wiki/JBoss6xTuningSlimming

              You will find more in the AS5 guide (see link on the wiki above); most of it is applicable to AS6.

              • 4. Re: Need help

                Hi Dieter

                 

                Can you also please confirm whether changing the configuration file would not result in an increase of the log file or have any other impact?

                 

                Bye

                 

                Sunil Sharma

                • 5. Re: Need help
                  wdfink

                  Increased log traffic might happen if you add new components or change the logging level.

                  And what should I confirm? If you change the configuration this might have impacts, depending on what you change. So I don't understand exactly what you meant by this.

                  • 6. Re: Need help

                    Hi Dieter,

                     

                    1. To restrict access to the HttpAdaptor JMXInvokerServlet, we have commented out the following text in web.xml at [JBOSS_App_server_path]\server\lc_turnkey\deploy\httpha-invoker.sar\invoker.war\WEB-INF\. After commenting it out we are getting the message “The requested resource (/invoker/JMXInvokerServlet) is not available” when trying to access /invoker/JMXInvokerServlet, and that solves our issue.

                     

                    <!-- <servlet>
                           <servlet-name>JMXInvokerServlet</servlet-name>
                           <description>The JMXInvokerServlet receives posts containing serialized
                           MarshalledInvocation objects that are routed to the invoker given by
                           the MBean whose object name hash is specified by the
                           invocation.getObjectName() value. The return content is a serialized
                           MarshalledValue containing the return value of the invocation, or any
                           exception that may have been thrown.
                           </description>
                           <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
                           <load-on-startup>1</load-on-startup>
                       </servlet>
                    -->

                     

                    2. Just wanted to know: do the above changes have an impact on the size of the JBoss server log files, or any other impact on JBoss?

                     
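Sunil's change above removes the servlet entirely; the guides Dieter linked in reply 3 instead keep the servlet and require a role through a standard servlet-spec security-constraint. As an added example (not code from this thread or from the JBoss project), the script below assembles a minimal web.xml in both shapes and audits which servlet url-patterns an unauthenticated client can still reach. The role name "HttpInvoker", the realm name and the servlet mapping are assumptions for the example; the servlet-class is the one quoted in the thread. The audit also flags a constraint that lists http-method elements, because under the servlet specification the verbs it does not list stay unconstrained.

```python
"""Audit a JBoss-style web.xml for servlet url-patterns that an unauthenticated
client can still reach.  Added example for this thread; not JBoss project code."""
import xml.etree.ElementTree as ET

# Constructed servlet declaration shaped like the invoker.war web.xml quoted in
# the thread (description dropped; the mapping is assumed for the example).
SERVLETS = """\
  <servlet>
    <servlet-name>JMXInvokerServlet</servlet-name>
    <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>JMXInvokerServlet</servlet-name>
    <url-pattern>/JMXInvokerServlet</url-pattern>
  </servlet-mapping>
"""


def constraint(role="HttpInvoker", methods=()):
    """Servlet-spec security-constraint requiring `role` on every path (role and
    realm names are assumptions).  Listing http-method narrows it to those verbs."""
    method_xml = "".join("      <http-method>%s</http-method>\n" % m for m in methods)
    return """\
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HttpInvokers</web-resource-name>
      <url-pattern>/*</url-pattern>
%s    </web-resource-collection>
    <auth-constraint>
      <role-name>%s</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>JBoss HTTP Invoker</realm-name>
  </login-config>
  <security-role>
    <role-name>%s</role-name>
  </security-role>
""" % (method_xml, role, role)


def build_web_xml(extra=""):
    """Assemble a minimal web.xml: the servlet plus an optional constraint block."""
    return "<web-app>\n" + SERVLETS + extra + "</web-app>\n"


def _kids(elem, name):
    # Match on the local tag name so a namespaced web.xml works too.
    return [e for e in elem if e.tag.split("}")[-1] == name]


def _covers(constraint_pattern, servlet_pattern):
    """Servlet-spec matching: exact, path prefix '/dir/*', or extension '*.ext'."""
    if constraint_pattern == servlet_pattern:
        return True
    if constraint_pattern.endswith("/*"):
        prefix = constraint_pattern[:-2]
        return servlet_pattern == prefix or servlet_pattern.startswith(prefix + "/")
    if constraint_pattern.startswith("*."):
        return servlet_pattern.endswith(constraint_pattern[1:])
    return False


def unprotected_url_patterns(web_xml_text):
    """Return {url-pattern: reason} for servlet mappings that no auth-constraint
    fully covers.  A constraint without <auth-constraint> grants access and is
    ignored; one that lists <http-method> leaves the other verbs open."""
    root = ET.fromstring(web_xml_text)
    mapped = [_kids(m, "url-pattern")[0].text.strip() for m in _kids(root, "servlet-mapping")]
    constraints = []  # (url patterns, explicit method set)
    for sc in _kids(root, "security-constraint"):
        if not _kids(sc, "auth-constraint"):
            continue
        patterns, methods = [], set()
        for wrc in _kids(sc, "web-resource-collection"):
            patterns += [p.text.strip() for p in _kids(wrc, "url-pattern")]
            methods |= {m.text.strip().upper() for m in _kids(wrc, "http-method")}
        constraints.append((patterns, methods))
    findings = {}
    for url in mapped:
        covering = [methods for patterns, methods in constraints
                    if any(_covers(p, url) for p in patterns)]
        if not covering:
            findings[url] = "no security-constraint with an auth-constraint covers it"
        elif all(covering):  # every covering constraint is limited to listed verbs
            listed = sorted(set().union(*covering))
            findings[url] = "only %s are constrained; other HTTP verbs reach the servlet" % listed
    return findings


if __name__ == "__main__":
    for label, extra in (("as shipped", ""), ("role on all verbs", constraint()),
                         ("role on GET/POST only", constraint(methods=("GET", "POST")))):
        print(label, "->", unprotected_url_patterns(build_web_xml(extra)))
```

Running the script prints a finding for the unconstrained web.xml, an empty result once the constraint requires a role on every verb, and a partial finding for the GET/POST-only variant. The same function can be pointed at the real invoker.war or jmx-console.war web.xml before and after a change to confirm that each mapping is actually covered, which answers the "does it work" half of the question without touching the logging configuration at all.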

                    • 7. Re: Need help
                      jaikiran

                      Sunil Sharma wrote:

                       

                       

                      2.      Just wanted to know are above changes having impact into the increase of the JBOSS server log files

                       

                      Why do you think that's going to increase the log file size?

                      • 8. Re: Need help

                        I mean the size of the JBoss log files may increase due to errors or exceptions reported because of commenting out “JMXInvokerServlet” in web.xml, as mentioned in the earlier post. Is there any possibility that errors or exceptions will be reported?