Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to configure secure JMX console access?

 
Darya Akbari
Ranch Hand
Posts: 1855
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am looking on how to best describe the access to a JMX administration page like http://localhost:8080/jmx-console for JBoss in a secure way.

Here, Java EE's security model plays in. For JBoss it's clear to me but I wonder whether there is a more general approach in Java EE.

Any hints?

Regards,
Darya
[ July 27, 2007: Message edited by: Darya Akbari ]
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you asking how to secure a web application (the JMX-console) or how JMX security works?
 
Darya Akbari
Ranch Hand
Posts: 1855
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I mean securing the JMX console access.
 
Darya Akbari
Ranch Hand
Posts: 1855
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think most of the security task here is vendor dependent. The only non vendor dependent part I can see is in the web.xml deployment descriptor, see the code snippet below:



Here I want plug my own security domain and use my own security role my:jmxconsole

Regards,
Darya
[ July 27, 2007: Message edited by: Darya Akbari ]
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So you are asking about securing a web application. Well since this is a more general "how web apps work" type of question so I'll move you over to a more appropriate forum, see if that generates some discussion.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Darya Akbari:
I think most of the security task here is vendor dependent. The only non vendor dependent part I can see is in the web.xml deployment descriptor, see the code snippet below:



Here I want plug my own security domain and use my own security role my:jmxconsole

Regards,
Darya

[ July 27, 2007: Message edited by: Darya Akbari ]


I agree.
I'm going to move this again.
This time to our JBoss forum where you find help in setting up SSL on that server.
 
Darya Akbari
Ranch Hand
Posts: 1855
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well for JBoss I know the answer . Maybe we should go back with this post .
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic