Securing JBoss Application Server
Securing JBoss Application Server v7.0
Please visit Securing the Management Interfaces.
And also Hardening Guidelines - JBoss AS 7.2
Securing JBoss AS v6.x or v5.x
When you first download JBoss, it comes as an easy-to-install zip file. Upon installation, you can easily deploy EJBs, web applications and a whole array of services. However, you may be suprised how easy it is to compromise the services. JBossSX can fix that by securing those functions.
These are the steps to secure the default download of JBoss:
Secure JBossMQ (Need to change to JBoss Messaging)