4 Replies Latest reply on Jul 4, 2016 9:38 AM by Razvan Potra

    JMX Web Console Application authentication issue on wildfly 9.0.1 final

    Razvan Potra Newbie

      Hi guys,

       

      When i'm accessing this url http://localhost:8080/jmx-console/ the password encryption is not working.

      I have the next entries in the config files:

       

      --standalone xml:

       

              <security-domain name="jminix">

                          <authentication>

                              <login-module code="UsersRoles" flag="required">

                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/jmx-console-users.properties"/>

                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/jmx-console-roles.properties"/>

                                  <!--<module-option name="hashAlgorithm" value="MD5"/>-->

                                  <!--<module-option name="hashEncoding" value="RFC2617"/>-->

                                  <!--<module-option name="hashUserPassword" value="false"/>-->

                                  <!--<module-option name="hashStorePassword" value="true"/>-->

                                  <!--<module-option name="passwordIsA1Hash" value="true"/>-->

                                  <!--<module-option name="storeDigestCallback" value="org.jboss.security.auth.callback.RFC2617Digest"/>-->

                              </login-module>

                          </authentication>

                      </security-domain>

       

      -- jboss-web.xml:

       

      <jboss-web>

          <!-- Uncomment the security-domain to enable security. You will

             need to edit the htmladaptor login configuration to setup the

           login modules used to authentication users.-->

          <context-root>jmx-console</context-root>

          <security-domain>jminix</security-domain>

      </jboss-web>

       

      -- web.xml

       

      <security-constraint>

              <web-resource-collection>

                  <web-resource-name>JmxMiniConsoleServlet</web-resource-name>

                  <description>An example security config that only allows users with the

                      role JBossAdmin to access the HTML JMX console web application

                  </description>

                  <url-pattern>/*</url-pattern>

              </web-resource-collection>

              <auth-constraint>

                  <role-name>JBossAdmin</role-name>

              </auth-constraint>

          </security-constraint>

       

       

          <login-config>

              <auth-method>BASIC</auth-method>

              <realm-name>jminix</realm-name>

          </login-config>

       

          <security-role>

              <role-name>JBossAdmin</role-name>

          </security-role>

       

      Any ideas of what am I doing wrong?

       

      Thanks in advance!