2 Replies Latest reply on Sep 25, 2017 11:15 AM by delphinus818

    Wildfly 10.0.0 Access JBOSS AS on a remote server (restrict to 1 IP address)

    delphinus818

      I would like to access JBOSS app server on a remote server.  The remote app server is in standalone mode.  The only way that I found that would work is to change the interface from "management" to "public" as follows:

       

      <!-- <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> --> 

      <socket-binding name="management-http" interface="public" port="${jboss.management.http.port:9990}"/> 

       

      However, this allows any machine to connect.  I would like to restrict only one particular IP address to be able to access the remote JBOSS, for security reasons.  I've tried the followings:

       

      1.  Keep the interface as "management" but assign a particular IP address.  This doesn't work.

       

           <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> 

       

           <interface name="management">

               <inet-address value="${jboss.bind.address.management:192.168.10.1}"/>

           </interface>

       

      2. Change the interface to "public" but assign a particular IP address.  This allows any machine to connect.

       

           <socket-binding name="management-http" interface="public" port="${jboss.management.http.port:9990}"/> 

       

           <interface name="public">

               <inet-address value="${jboss.bind.address:192.168.10.1}"/>

           </interface>

       

      3.  Do the same thing as above but use the -b flag.  This doesn't work.

      ./bin/standalone.sh -b=192.168.10.1 -bmanagement=192.168.10.1

       

      Is there a way to allow remote access but only allow it for 1 particular IP address?