2 Replies Latest reply on Aug 31, 2002 12:18 PM by Tobias Frech

    How to secure the JMX management console ?

    Tobias Frech Apprentice

      Q: How to secure the JMX management console on port 8082 ?
      (by MikeFinn)
      The JMX-HTML Adaptor MBean (from Sun jmxtools.jar) does not allow the specification of a bind address - only a port, and max # of clients. There is no attribute for it, and in fact, the server socket open call uses the no-address constructor (port,backlog).

      (by Scott Stark) There is a replacement servlet in the varia package under src/main/org/jboss/jmx. Being just a regular war it has all the capbilities of a web application/web container including configuration of the ports, bind address, transport encryption, and role based

      (by Mike Finn) So you can undeploy jmx-html-adaptor.sar, and instead deploy this servlet to your Jetty/Tomcat. Neat. The bigger benefit here is that you can put your
      own security constraints on it so Joe Fatfinger can't point a browser at 8082 and stop or remove running services.

      (by Scott Stark) This will be the default html adaptor in the 3.0.1 default and all configs. The minimal config will keep the ri adaptor since that config has no servlet container.