Hi,
I would like to restrict access to the Tomcat Status servlet (e.g. http://localhost:9778/status). I would like to limit access to this servlet to the 'jmx-console' domain. I tried to add file jboss-web.xml in ..\deploy\jbossweb-tomcat55.sar\ROOT.war\WEB-INF with a <security-domain> element but it does not seem working.

Do you know which file I should change?

Thanks
Max