0 Replies Latest reply on Aug 6, 2012 9:32 AM by rudi_fisher

    JBoss AS 7.0.2 Final - JMX security

    rudi_fisher Newbie

      I'm ussing JBoss AS 7.0.2 Final with correctly configured JMX but I can't find any information how to secure JMX for this vesion of AS. There are some information, but for version 7.1 where jmx module was changed. I also found this article  https://community.jboss.org/wiki/UsingJconsoleToConnectToJMXOnAS7 where security is mentioned, but this is also about 7.1 version. But I need this working for 7.0 version Any ideas ho to change my configuration to add some security realm for JMX?

      I'm ussing standalone mode with secured administration console and JMX is working fine for me at: service:jmx:rmi:///jndi/rmi://localhost:1090/jmxrmi

      My current configuration is (standalone.xml):

       

      <extensions>
           ...
           <extension module="org.jboss.as.jmx"/>
           ...
      </extensions>
      ...
      
      <management>
           <security-realms>
                <security-realm name="PropertiesMgmtSecurityRealm">
                     <authentication>
                          <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
                     </authentication>
                </security-realm>
           </security-realms>
           <management-interfaces>
                <native-interface interface="management" port="9999" security-realm="PropertiesMgmtSecurityRealm"/>
                <http-interface interface="management" port="9990" security-realm="PropertiesMgmtSecurityRealm"/>
           </management-interfaces>
      </management>
      
      ...
      <subsystem xmlns="urn:jboss:domain:jmx:1.0">
           <jmx-connector server-binding="jmx-connector-server" registry-binding="jmx-connector-registry"/>
      </subsystem>
      ...
      
      <interfaces>
           <interface name="management">
                <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
           </interface>
           <interface name="public">
                <inet-address value="${jboss.bind.address:127.0.0.1}"/>
           </interface>
      </interfaces>
      ...
      
      <socket-binding-group name="standard-sockets" default-interface="public">
      ...
           <socket-binding name="jmx-connector-registry" port="1090" interface="management"/>
           <socket-binding name="jmx-connector-server" port="1091" interface="management"/>
      ...
      </socket-binding-group>