You might be able to setup a second http connector for port 9090. But then both, 8080 and 9090 will serve both jmx-console and your web-app.
My advice is to convince your boss that using a "Remote Address Filter" or a "Remote Host Filter" in front og the jmx-console is the best solution for now.
Alternativly you could try to start a separate tomcat on 9090 (stand alone) with an JMX-application that accesses JBoss via JMX remote. I don't know if such a app exists.