4 Replies Latest reply on Jun 17, 2003 10:49 AM by Sebastian Hauer

    User Login on JMX-console ;(

    hgarrett Newbie

      Hi everyone.. First of all i must say i'm newbie on this.

      I am trying to put some user logins on JBoss Server 4 (in order to restrict access to JMX-console) and everything went okay..


      On (JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/web.xml) i uncommented the security tags.

      On (JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml ) i uncommented
      the security-domain tags.

      On (JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/classes/users.properties) i have admin=admin

      On (JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/classes/roles.properties)
      admin=JBossAdmin
      administrator=basic

      A cleaned all caches on my browserand I deployed JMX console again... and finally I have a login box on
      localhost:8080/jmx-console...

      It seems great that it worked, but it looks it accepts
      any user and any password.. for example .. 'no' and 'no'.. ;(

      What am i missing here?
      I'm so new on this and i am getting tired on this kind of issues already..

      Thanx anyway .

        • 1. Re: User Login on JMX-console ;(
          Sebastian Hauer Newbie

          I am still on JBoss 3.0.x so I am not sure how it is with the AFAIK still beta JBoss 4.0.
          But here is how it should work:
          What is the URL in the <security-domain> of your
          JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml

          In my case it is:
          java:/jaas/jmx-console

          The last part of this URL is name of a JAAS application policy in your JBOSS_DIST/server/default/conf/login-config.xml
          or what ever the name of the JAAS config file is with JBoss4.
          Look of the "jmx-console" application policy and make sure it is not commented out.

          Regards,
          Sebastian

          • 2. Re: User Login on JMX-console ;(
            hgarrett Newbie

            Hi again,
            On (JBOSS_DIST/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml) i have on security-domain tag this:
            java:/jaas/admin

            and it is confirmed that it is name of a JAAS application policy in my (JBOSS_DIST/server/default/conf/login-config.xml)
            'jmx-console' appears also here and both are not commented, so if i change java:/jaas/admin to
            java:/jaas/jmx-console it is confirmed there is no effect at all.

            Again and again, this accepts any login with any password. Could it be a problem of JBoss 4DR...??

            • 3. Re: User Login on JMX-console ;(
              hgarrett Newbie

              Hey....!! I think i found a bug on JBoss 4 DR.. ;)

              I installed the 3.2.2 RC1 and apllied all things as i said on my first message.

              And it works great Sebastian! Thanx again !

              • 4. Re: User Login on JMX-console ;(
                Sebastian Hauer Newbie

                Cool.
                Are you going to log it into the sf bug tracker?

                Regards,
                Sebastian