21.7. Disabling Authentication

This section contains information on how to disable authentication on individual specific services.

Note

Developers who need to disable the entire authentication for development purposes can do so using the jbossas-5-disableauth.patch patch available in the source files (src/build). First, copy the patch file to the jboss-as directory and run the following command to apply the patch from the jboss-asdirectory:
patch -p0 -i ./jbossas-5-disableauth.patch
Note that this patch is intended for development purposes only.

21.7.1. JMX Console

To disable authentication for the JMX console, comment out the <security-constraint> section in the $JBOSS_HOME/server/PROFILE/deploy/jmx-console.war/WEB-INF/web.xml file as shown in Example 21.8, “HtmlAdaptor securite-constraint Commented out”.

Example 21.8. HtmlAdaptor securite-constraint Commented out

<!--
<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
<description>
An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
-->