-
1. Re: security service from Getting Started manual
visolvejboss Jun 13, 2006 5:15 AM (in response to joecool)Hello,
For securing the jmx-console we have to edit the following files in the path: /server/default/deploy/jmx-console.war/WEB-INF/
1. Edit the web.xml and uncomment the security-constraint block.
2. Edit the jboss-web.xml and uncomment the security-domain block.
3. Check the files jmx-console-roles.properties and jmx-console-users.properties in the path : /server/default//conf/props/
In jmx-console-users.properties file, it contains admin=admin that is {username}={password}.
4. Now run the jboss and when u click for jmx-console, it askes for the username and password. Give Username as"admin" and password as "admin".
For more information refer the following link.
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole
Regards,
Visolve JBoss Team. -
2. Re: security service from Getting Started manual
joecool Jun 13, 2006 10:32 AM (in response to joecool)thanks. It looks like all the instructions are the same, which is good. I think I editted everything thing according to the instructions, but I still get the same thing. If I comment out the security-constraint in the web.xml file and leave all the jboss-web.xml uncommented I can access the page again, but with no security. I am listing the contents of the stated files along with their absolute path (sorry in advance for the length). thanks for the help - Tim
here is the web.xml C:\Program Files\jboss-4.0.4.GA\server\default\deploy\jmx-console.war\WEB-INF\web-xml
<!-- A security constraint that restricts access to the HTML JMX console
to users with the role JBossAdmin. Edit the roles to what you want and
uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
secured access to the HTML JMX console.
<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Public</web-resource-name>
<url-pattern>/public/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
-->
C:\Program Files\jboss-4.0.4.GA\server\default\deploy\jmx-console.war\WEB-INF\jboss-web.xml:
<jboss-web>
<!-- Uncomment the security-domain to enable security. You will
need to edit the htmladaptor login configuration to setup the
login modules used to authentication users.
-->
<security-domain>java:/jaas/jmx-console</security-domain>
</jboss-web
C:\Program Files\jboss-4.0.4.GA\server\default\conf\props\jmx-console-roles.properties
# A sample users.properties file for use with the UsersRolesLoginModule
admin=JBossAdmin,HttpInvoke
C:\Program Files\jboss-4.0.4.GA\server\default\conf\props\jmx-console-users.properties
# A sample users.properties file for use with the UsersRolesLoginModule
admin=admin