2 Replies Latest reply on Jun 13, 2006 10:32 AM by Joe Cool

    security service from Getting Started manual

    Joe Cool Newbie

      I tried to perform the security service modifications in the getting started guide that describe how to password protect the jmx-console. Now when I try to access the console I get a simple access denied message. I haven't seen any output in any log file or the console.

      I am using JBOSS 4_0_4GA on a windows on a Windows XP machine with service pack 2.

      I tried to recomment out the <security-domain>java:/jaas/jmx-console</security-domain> line in th e C:\Program Files\jboss-4.0.4.GA\server\default\deploy\jmx-console.war\WEB-INF\jboss-web.xml file, but I still get the same error. I thought this would have removed the password restriction for th ejmx-console.



        • 1. Re: security service from Getting Started manual
          VisolveGroup Novice


          For securing the jmx-console we have to edit the following files in the path: /server/default/deploy/jmx-console.war/WEB-INF/

          1. Edit the web.xml and uncomment the security-constraint block.

          2. Edit the jboss-web.xml and uncomment the security-domain block.

          3. Check the files jmx-console-roles.properties and jmx-console-users.properties in the path : /server/default//conf/props/

          In jmx-console-users.properties file, it contains admin=admin that is {username}={password}.

          4. Now run the jboss and when u click for jmx-console, it askes for the username and password. Give Username as"admin" and password as "admin".

          For more information refer the following link.


          Visolve JBoss Team.

          • 2. Re: security service from Getting Started manual
            Joe Cool Newbie

            thanks. It looks like all the instructions are the same, which is good. I think I editted everything thing according to the instructions, but I still get the same thing. If I comment out the security-constraint in the web.xml file and leave all the jboss-web.xml uncommented I can access the page again, but with no security. I am listing the contents of the stated files along with their absolute path (sorry in advance for the length). thanks for the help - Tim

            here is the web.xml C:\Program Files\jboss-4.0.4.GA\server\default\deploy\jmx-console.war\WEB-INF\web-xml

            <!-- A security constraint that restricts access to the HTML JMX console
            to users with the role JBossAdmin. Edit the roles to what you want and
            uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
            secured access to the HTML JMX console.
            An example security config that only allows users with the
            role JBossAdmin to access the HTML JMX console web application


            C:\Program Files\jboss-4.0.4.GA\server\default\deploy\jmx-console.war\WEB-INF\jboss-web.xml:
            <!-- Uncomment the security-domain to enable security. You will
            need to edit the htmladaptor login configuration to setup the
            login modules used to authentication users.

            C:\Program Files\jboss-4.0.4.GA\server\default\conf\props\jmx-console-roles.properties
            # A sample users.properties file for use with the UsersRolesLoginModule

            C:\Program Files\jboss-4.0.4.GA\server\default\conf\props\jmx-console-users.properties
            # A sample users.properties file for use with the UsersRolesLoginModule