JBoss配置
1.jmx-console 登入的使用者名稱和密碼設定
預設情況訪問 http://localhost:8080/jmx-console 就可以瀏覽jboss的部署管理的一些資訊,不需要輸入使用者名稱和密碼,使用起來有點安全隱患。下面我們針對此問題對jboss進行配置,使得訪問jmx-console也必須要知道使用者名稱和密碼才可進去訪問。JBoss配置步驟如下:
1)找到JBoss安裝目錄/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml檔案,去掉<security-domain>java:/jaas/jmx-console</security-domain>的注釋。修改後的該檔案內容為:
<jboss-web> <!-- Uncomment the security-domain to enable security. You will need to edit the htmladaptor login configuration to setup the login modules used to authentication users.--> <security-domain>java:/jaas/jmx-console</security-domain> </jboss-web>
2)修改與i)中的jboss-web.xml同級目錄下的web.xml檔案,尋找到<security-constraint/>節點,去掉它的注釋,修改後該部分內容為:
<!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console.--> <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint>