Chapter 21. Securing the Administrative Access Points

JBoss Enterprise Application Platform ships with several administrative access points that must be secured or removed to prevent unauthorized access to administrative functions in a deployment. This chapter discusses the various administration services, how to secure them, and how to disable authentication on these access points for development purposes.

21.1. JMX Console

The JMX Console is provided by the jmx-console.war file located in the deploy directory. It provides with an HTML view into the JMX Microkernel and allows you to perform administrative actions such as shutting down the server, stopping services and deploying new services, among other things.
This service is secured by default, and permissions need to be granted to the jmx-console security domain to allow access. Follow Task: Create jmx-console, admin-console, and http invoker user account to allow access to it. In order to remove it, delete the jmx-console folder from the deploy directory.