aspose file tools*
The moose likes JBoss/WildFly and the fly likes How to configure secure JMX console access? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "How to configure secure JMX console access?" Watch "How to configure secure JMX console access?" New topic
Author

How to configure secure JMX console access?

Darya Akbari
Ranch Hand

Joined: Aug 21, 2004
Posts: 1855
Hi,

I am looking on how to best describe the access to a JMX administration page like http://localhost:8080/jmx-console for JBoss in a secure way.

Here, Java EE's security model plays in. For JBoss it's clear to me but I wonder whether there is a more general approach in Java EE.

Any hints?

Regards,
Darya
[ July 27, 2007: Message edited by: Darya Akbari ]

SCJP, SCJD, SCWCD, SCBCD
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

Are you asking how to secure a web application (the JMX-console) or how JMX security works?


JavaRanch FAQ HowToAskQuestionsOnJavaRanch
Darya Akbari
Ranch Hand

Joined: Aug 21, 2004
Posts: 1855
I mean securing the JMX console access.
Darya Akbari
Ranch Hand

Joined: Aug 21, 2004
Posts: 1855
I think most of the security task here is vendor dependent. The only non vendor dependent part I can see is in the web.xml deployment descriptor, see the code snippet below:



Here I want plug my own security domain and use my own security role my:jmxconsole

Regards,
Darya
[ July 27, 2007: Message edited by: Darya Akbari ]
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

So you are asking about securing a web application. Well since this is a more general "how web apps work" type of question so I'll move you over to a more appropriate forum, see if that generates some discussion.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Originally posted by Darya Akbari:
I think most of the security task here is vendor dependent. The only non vendor dependent part I can see is in the web.xml deployment descriptor, see the code snippet below:



Here I want plug my own security domain and use my own security role my:jmxconsole

Regards,
Darya

[ July 27, 2007: Message edited by: Darya Akbari ]


I agree.
I'm going to move this again.
This time to our JBoss forum where you find help in setting up SSL on that server.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Darya Akbari
Ranch Hand

Joined: Aug 21, 2004
Posts: 1855
Well for JBoss I know the answer . Maybe we should go back with this post .
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: How to configure secure JMX console access?