本文介绍如何为JBoss 5.x管理员控制台启用安全性设置,包括修改配置文件来限制对控制台的访问,以及如何配置登录模块以实现用户验证。
进入JBOSS管理员控制台,需要管理员账号和密码,初次使用JBOSS的时候就需要进行一些设定。
以jboss-5.1.0.GA为例:
- 修改%JBOSS_HOME%\server\default\deploy\jmx-console.war\WEB-INF\jboss-web.xml文件的内容,取消注释:
- <jboss-web>
- <!-- Uncomment the security-domain to enable security. You will
- need to edit the htmladaptor login configuration to setup the
- login modules used to authentication users.
- -->
- <security-domain>java:/jaas/jmx-console</security-domain>
- </jboss-web>
- <!-- A security constraint that restricts access to the HTML JMX console
- to users with the role JBossAdmin. Edit the roles to what you want and
- uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
- secured access to the HTML JMX console.
- -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>HtmlAdaptor</web-resource-name>
- <description>An example security config that only allows users with the
- role JBossAdmin to access the HTML JMX console web application
- </description>
- <url-pattern>/*</url-pattern>
- <http-method>GET</http-method>
- <http-method>POST</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>JBossAdmin</role-name>
- </auth-constraint>
- </security-constraint>
- <!-- A template configuration for the jmx-console web application. This
- defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name="jmx-console">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
- <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
- admin=JBossAdmin,HttpInvoker
- adminadmin=admin
转载于:https://blog.51cto.com/howfar/1112287
扫一扫
1491
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
