21.2. Admin Console
The Admin Console improves on the former Web Console, and is an embedded version of the JOPR project, which JBoss Operation Network is based on. This console allows access for users to deploy and undeploy applications, and should be secured or removed. It is secured by default.
Follow Task: Allow access to the HTTP Invoker from remote hosts to allow access to the Admin Console.
Alternatively, it can be removed by deleting the
admin-console
directory from the deploy
directory.
Task: Create jmx-console, admin-console, and http invoker user account
This procedure creates user with access permissions to the admin and jmx consoles, and the http invoker.
The jmx-console is secured by the
jmx-console
security domain which is defined in $JBOSS_HOME/server/$PROFILE/conf/login-config.xml
.
Procedure 21.1.
- Add a username and password to
$JBOSS_HOME/server/$PROFILE/conf/props/jmx-console-users.properties
. - Create a username = password pair.
Important
The commentedadmin=admin
username and password pair is an example of the username/password definition syntax. Do not use this for your user account. - Grant permissions to the user:
- Edit the file
$JBOSS_HOME/server/$PROFILE/conf/props/jmx-console-roles.properties
. - Create an entry for the user of the form:
username=JBossAdmin,HttpInvoker
- Grant the user permission to access the JMX Console and Admin Console.
- Grant the user permission to access the HTTP Invoker.