I generally follow what I wrote on http://hudson.gotdns.com/wiki/display/HUDSON/JBoss with security enabled public instance. For the public instance I use =public (copy of default). For internal instance I use =default. unzip JBoss EAP Edit $JBOSS_HOME/server//deploy/jboss-web.deployer/server.xml and change ` cp hudson.war hudson_ #public instance only for security cd hudson_; mkdir unzipped; cd unzipped unzip ../hudson.war cd WEB-INF create jboss-web.xml containing: java:/jaas/jmx-console cd $JBOSS_HOME/server//conf/props add "hudson=admin" to jmx-console-roles.properties add "hudson=passwd" to jmx-console-users.properties edit $JBOSS_HOME/server//conf/login-config.xml uncomment "" lines edit $JBOSS_HOME/server//deploy/jmx-console.war/WEB-INF/jboss-web.xml uncomment edit $JBOSS_HOME/server//deploy/jmx-console.war/WEB-INF/web.xml uncomment lines after "A security constraint that restricts access..." #end public instance only Start server -b 0.0.0.0 -c -u and different HUDSON_HOME for public. deploy by creating a symbolic in the server's deploy dir: ln -s ~/hudson_/hudson.war . ln -s ~/hudson_/unzipped hudson.war (for the public instance) Start server with -Djava.awt.headless=true #public instance only enable security set up number of executors to "0" install artifacts receiver plug-in install subset of plugins (not all required) #end public instance only install public artifacts publisher plugin install plugins Other configuration options as applicable. TODO: #treeview-min.js from yahoo.widget.treeview download to scripts/yui; should be fixed in feature versions of hudson #jsp redirect to avoid issues #deploy hudson to server root to avoid user typing /hudson HOWTO: restart hudson from the jmx console void reload method - search for "//localhost/hudson"