1 Reply Latest reply on Feb 22, 2003 8:35 AM by Juha Lindfors

    Enabling PasswordAccess JMX Console port 8082

    Alex K Newbie

      I could justify posting this in more than one forum, but this seems the closest one.

      I inherited the following setup. It is going into production so minimal change is desired.

      JBOSS3.0.0_tomcat_4.0.3

      The embedded Tomcat is not used (doesn't start up)

      The JBOSS has been "customised" and the people who did this did not document the changes they made to the various configuration files other than via emails exchanged before I arrived

      Back end database Oracle

      When I start jboss on its own I can point my browser at

      http://localhost:8082/jmx-console

      and get the agent view

      I have been asked to enable password protection of this URL. So far I have failed to do so

      There is no jmx-console.war

      So what do I change, assuming the files are still there?

      I installed a separate vanilla JBOSS and simply changing the web.xml file in the jmx-console.war file seemed to get me a long way but I don't have this option in the version I am using.

      1) Is this process documented in the free documentation? (We ordered some JBOSS books and I think a subscription but it will take weeks to arrive)

      2) If not, what do I need to change to enable password protection or restrict access in other ways (e.g. restricting access to a set of specified hostnames or urls)?

      3) Should this not be enabled by default as people here think this is a security weakness - anybody can see what our JBOSS is running - and I am inclined to agree with them

        • 1. Re: Enabling PasswordAccess JMX Console port 8082
          Juha Lindfors Master

          JBoss 3.0.0 uses the HTML adaptor from Sun. As far as I remember it does support a simple plain text username, password authentication (which itself is not very secure). This is most likely documented somewhere in the Sun RI 1.0 documentation or API doc.

          Other options are to disable the adaptor in a production system or protect the port 8082 from external connection attempts. Or update to 3.0.1 or above.
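
Whichever of the options above is applied, the result can be verified by requesting the agent view without credentials and checking that it is no longer served. The following is an added example, not part of the original thread or of JBoss; port 8082 and the `/jmx-console` path come from the question, while the function names and the verdict strings are assumptions made for this sketch.

```python
"""Check that a JMX HTML adaptor does not serve the agent view unauthenticated."""
import http.client
import sys


def classify(host, port=8082, path="/jmx-console", timeout=3.0):
    """Return 'unreachable', 'auth-required', 'open' or 'other:<status>'."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)   # deliberately sent without credentials
        resp = conn.getresponse()
        resp.read()
    except (OSError, http.client.HTTPException):
        # Port closed, filtered by a firewall, or not speaking HTTP.
        return "unreachable"
    finally:
        conn.close()
    if resp.status == 401 and resp.getheader("WWW-Authenticate"):
        return "auth-required"      # adaptor challenges for a password
    if 200 <= resp.status < 300:
        return "open"               # page served to an anonymous client
    return "other:%d" % resp.status


def audit(endpoints):
    """Classify each (host, port) pair; return (results, exposed endpoints)."""
    results = {ep: classify(*ep) for ep in endpoints}
    exposed = [ep for ep, verdict in results.items() if verdict == "open"]
    return results, exposed


if __name__ == "__main__":
    # Hosts to check are given on the command line; default is localhost.
    targets = [(h, 8082) for h in (sys.argv[1:] or ["localhost"])]
    results, exposed = audit(targets)
    for (host, port), verdict in results.items():
        print("%s:%d %s" % (host, port, verdict))
    sys.exit(1 if exposed else 0)
```

To confirm that the port is blocked from external connections, run the check from a machine outside the server's network segment against the server's external address; a run on the server itself only shows whether a password is required.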