Re: [JBoss-user] Re: secure web console
Read the JAAS howto found in the sourceforge docs section: http://sourceforge.net/docman/display_doc.php?docid=18240&group_id=22866 -- Scott Stark Chief Technology Officer JBoss Group, LLC [EMAIL PROTECTED] wrote: Where I can define users for it? In web.xml is that users with role JBossAdmin are allowed, but where they are specified? Thanks, Jiri --- This SF.net email is sponsored by OSDN developer relations Here's your chance to show off your extensive product knowledge We want to know what you know. Tell us and you have a chance to win $100 http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Re: secure web console
Or, bettre question - how I can secure it for zipped war? Must I unzip it, change and zip again into war or is there another way? > Where I can define users for it? > In web.xml is that users with role JBossAdmin are allowed, but where they > are specified? > > Thanks, > Jiri > >> Right, but the descriptor paths are >> deploy/jmx-console.war/WEB-INF/jboss-web.xml >> and deploy/jmx-console.war/WEB-INF/web.xml and conf/login-config.xml >> >> -- >> >> Scott Stark >> Chief Technology Officer >> JBoss Group, LLC >> >> >> Eric Jain wrote: is there an easy trick to secure the webconsole with a password? >>> >>> >>> This is how you could secure the jmx console: >>> >>> In jmxconsole.sar/META-INF/jboss-web.xml uncomment the security-domain >>> element and set it to one of the application policies you have >>> configured in your login-conf.xml. >>> >>> In web.xml, uncomment the security-constraint element, and change the >>> role name to whatever you call your admin role. >>> >>> If you have set up HTTPS, and want to ensure that all access to the jmx >>> console is encrypted, add a user-data-constraint/transport-guarantee >>> INTEGRAL directive as a last element within the security-constraint >>> element. >>> >>> -- >>> Eric Jain >> >> >> >> --- >> This sf.net email is sponsored by:ThinkGeek >> Welcome to geek heaven. >> http://thinkgeek.com/sf >> ___ >> JBoss-user mailing list >> [EMAIL PROTECTED] >> https://lists.sourceforge.net/lists/listinfo/jboss-user >> > > > > --- > This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo > The Event For Linux Datacenter Solutions & Strategies in The Enterprise > Linux in the Boardroom; in the Front Office; & in the Server Room > http://www.enterpriselinuxforum.com > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user > --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Re: secure web console
Where I can define users for it? In web.xml is that users with role JBossAdmin are allowed, but where they are specified? Thanks, Jiri > Right, but the descriptor paths are > deploy/jmx-console.war/WEB-INF/jboss-web.xml > and deploy/jmx-console.war/WEB-INF/web.xml and conf/login-config.xml > > -- > > Scott Stark > Chief Technology Officer > JBoss Group, LLC > > > Eric Jain wrote: >>>is there an easy trick to secure the webconsole with a password? >> >> >> This is how you could secure the jmx console: >> >> In jmxconsole.sar/META-INF/jboss-web.xml uncomment the security-domain >> element and set it to one of the application policies you have >> configured in your login-conf.xml. >> >> In web.xml, uncomment the security-constraint element, and change the >> role name to whatever you call your admin role. >> >> If you have set up HTTPS, and want to ensure that all access to the jmx >> console is encrypted, add a user-data-constraint/transport-guarantee >> INTEGRAL directive as a last element within the security-constraint >> element. >> >> -- >> Eric Jain > > > > --- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user > --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Re: secure web console
Right, but the descriptor paths are deploy/jmx-console.war/WEB-INF/jboss-web.xml and deploy/jmx-console.war/WEB-INF/web.xml and conf/login-config.xml -- Scott Stark Chief Technology Officer JBoss Group, LLC Eric Jain wrote: is there an easy trick to secure the webconsole with a password? This is how you could secure the jmx console: In jmxconsole.sar/META-INF/jboss-web.xml uncomment the security-domain element and set it to one of the application policies you have configured in your login-conf.xml. In web.xml, uncomment the security-constraint element, and change the role name to whatever you call your admin role. If you have set up HTTPS, and want to ensure that all access to the jmx console is encrypted, add a user-data-constraint/transport-guarantee INTEGRAL directive as a last element within the security-constraint element. -- Eric Jain --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] Re: secure web console
> is there an easy trick to secure the webconsole with a password? This is how you could secure the jmx console: In jmxconsole.sar/META-INF/jboss-web.xml uncomment the security-domain element and set it to one of the application policies you have configured in your login-conf.xml. In web.xml, uncomment the security-constraint element, and change the role name to whatever you call your admin role. If you have set up HTTPS, and want to ensure that all access to the jmx console is encrypted, add a user-data-constraint/transport-guarantee INTEGRAL directive as a last element within the security-constraint element. -- Eric Jain --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
