It should just be a Servlet wrapping the JMX Agent[s], reusing all the HTTP code present in the Servlet container.
Then you could simply stick some declarative security into it's web.xml - however, AFAIK, it isn't ! I haven't given it much thought - but there is probably a good reason why it isn't...... I guess sun figured that people would want to use it without a web container - but they should package it as a webapp to. What can you do ! :-) Jules --- Guy Rouillier <[EMAIL PROTECTED]> wrote: > On a related note, I like the JMX management > capability, so I don't want to > disable it completely, but I'd like to limit who can > get to it. > > (1) Apparently, the page as delivered has no > security - there is no > userid/password specified in jboss.jcml, and there > is no log on page. Is it > possible to configure so a userid and password are > required? > > (2) If the answer to (1) is no, where is the source > for the management page? > I"m assuming this is > com.sun.jdmk.comm.HtmlAdaptorServer, as I looked at > org.jboss.jmx.server.JMXAdaptorService and > org.jboss.jmx.server.RMIConnectorService and they > are just concerned with > connections. Is the source available? If so, I'd > like to modify it to > request a userid and password, if those two values > are specified in > jboss.jcml. > > ----- Original Message ----- > From: "Lennart Petersson" > <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, November 15, 2001 8:25 AM > Subject: SV: [JBoss-user] Security > > > Look in conf/jboss.jcml: > <mbean code="com.sun.jdmk.comm.HtmlAdaptorServer" > name="Adaptor:name=html"> > <attribute > name="MaxActiveClientCount">10</attribute> > <attribute name="Parser" /> > <attribute name="Port">8082</attribute> > </mbean> > > Shouldn't it be possible to just comment it out, or? > /Lennart > ----- Original Message ----- > From: jquest jquest <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Thursday, November 15, 2001 1:26 PM > Subject: Re: [JBoss-user] Security > > > > > > Hi, > > Thanks for this answer. > > It is possible. > > I need to know how to disable the 8082 port in > jboss config. > > Is it possible ? > > > > > > >From: Peter Fagerlund <[EMAIL PROTECTED]> > > >To: jquest jquest <[EMAIL PROTECTED]>, > > >"[EMAIL PROTECTED]" > <[EMAIL PROTECTED]> > > >Subject: Re: [JBoss-user] Security > > >Date: Thu, 15 Nov 2001 13:23:27 +0100 > > > > > >on 1-11-15 13.08, jquest jquest at > [EMAIL PROTECTED] wrote: > > > > > > > Hi all, > > > > I use jboss as application server. > > > > I can call http://my.server.ip:8082 and see > the setup of jboss. > > > > How can I disaple this option. > > > > > >The recomendation is : > > >when running a application server, do so behind a > firewall ... > > > > > >/peter_f > > > > > > > > > > _________________________________________________________________ > > Get your FREE download of MSN Explorer at > http://explorer.msn.com/intl.asp > > > > > > _______________________________________________ > > JBoss-user mailing list > > [EMAIL PROTECTED] > > > https://lists.sourceforge.net/lists/listinfo/jboss-user > > > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user > > > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user