Wednesday, July 2, 2008

Porch Skirting Designs

JBoss jmx-console and web-

The Stan Darko figuration the jmx and web console to the JBoss not protected against unauthorized access and can for example be accessed via http://meinserver:8080/jmx-console. This can change but simply because both consoles are standard servlets. For this reason, we can simply activate the security constraints and protect access with a password.

To achieve this we perform the following steps: first

First we edit the file JBOSS_HOME / se RVer / default / deploy / jmx-console.war / WEB-INF / web.xml . In this file, we remove the comments around the block security-constraint . It will look like this.


second Now we take the file jboss-web.xml before in the same directory. Here, we remove the comments to the day security-domain . The code should then resemble the following in the figure.


third In the files jmx-console-roles.properties and jmx-console-users.properties that the directory JBOSS_HOME / server / default / conf / props z are find u, can now the groups a user and its password should be established. For the admin they are indeed already been created, but it is best to assign a new password. We do this by admin in the file jmx-console-users.properties in the line = admin the second replaced by our new admin password.

4th The two files mentioned in the previous step, we now identify and clone it web-console- roles.properties and web-console-users.properties. us serve the same permissions for the web-console to use.

5th In the directory JBOSS_HOME / server / default / conf we now edit the file login-config.xml . We are looking for the day application-policy name = "web-console" . In the block, we change the values of the tags user-Properties and rolesProperties . see As in the following figure, was before the file name props / set so JBoss can find the configuration files.


5th Actually, these files in JBOSS_HOME / server / default / deploy / management / console-mgr.sar / web-console.war / WEB-INF / classes . Therefore, we need to rename these files now so that the server does not find it here.

course, you can step 4 and 5, miss and easily configure the files in place.

If now the address http://meinserver:8080/jmx-console calls in the browser, you will be prompted for the password. Here is one admin and the password changed in step 3 and will gain access to the jmx console.

0 comments:

Post a Comment