1 Reply Latest reply on Jan 7, 2003 10:07 AM by Juha Lindfors

    Here STEPS to protect jmx-console with passwd.

    Jesus Casquero Newbie

      Steps to protect jmx-console:

      1) Change user and password in:

      {INSTALL_DIR_JBOSS}/server/default/deploy/jmx-console.war/WEB-INF/classes/users.properties
      {INSTALL_DIR_JBOSS}/server/default/deploy/jmx-console.war/WEB-INF/classes/roles.properties

      2) Go to file:

      {INSTALL_DIR_JBOSS}/server/default/conf/login-config.xml

      comment th following:

      <application-policy name = "jmx-console">

      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag = "required" />

      </application-policy>-->

      and replace this section (bottom) :

      <application-policy name = "other">
      .....
      .....
      </application-policy>

      for this one:

      <application-policy name = "other">

      <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
      <module-option name="usersProperties">users.properties</module-option>
      <module-option name="rolesProperties">roles.properties</module-option>
      </login-module>



      </application-policy>

      3) Go to file:

      {INSTALL_DIR_JBOSS}/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml

      and uncomment the line:

      <security-domain>java:/jaas/jmx-console</security-domain>

      4) Finish. If you try to enter to the jmx-console a password will be required.