Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Appendix A. Disabling Authentication

This appendix enables a user to disable authentication for specific services.
All specified paths in the sections below are relative to the jboss-as directory.
Disabling Authentication for JMX Console:

To disable authentication for the JMX console, edit the following file and comment out the security-constraint section: 

server/$PROFILE/deploy/jmx-console.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HtmlAdaptor</web-resource-name>
    <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>JBossAdmin</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for Web Console:

To disable authentication for the Web console, edit the following file to comment out the security-constraint section: 

server/$PROFILE/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HtmlAdaptor</web-resource-name>
    <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>JBossAdmin</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for HTTP Invoker:

To disable authentication for the http invoker, JNDIFactory, EJBInvokerServlet, and JMXInvokerServlet need to be removed from the security realm in the file: 

server/$PROFILE/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
For example, the security-constraint element should look as follows: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HttpInvokers</web-resource-name>
    <description>An example security config that only allows users with the role HttpInvoker to access the HTTP invoker servlets
    </description>
    <url-pattern>/restricted/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>HttpInvoker</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for JMX Invoker:

To disable authentication for the JMX invoker, edit the following file to comment out the security interceptor passthrough: 

server/$PROFILE/deploy/jmx-invoker-service.xml
Copy to Clipboard Toggle word wrap
Locate the mbean section with the class org.jboss.jmx.connector.invoker.InvokerAdaptorService. In that section comment out the line that relates to authenticated users:
The following fragment should be commented out: 
<descriptors>
  <interceptors>
    <!--Uncomment to require authenticated users-->
    <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
        securityDomain="java:/jaas/jmx-console"/>
    <!--Interceptor that deals with non-serializable results-->
    <interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor"
        policyClass="StripModelMBeanInfoPolicy"/>
  </interceptors>
</descriptors>
Copy to Clipboard Toggle word wrap
Disabling Authentication for the ProfileService:

To disable authentication for the ProfileService, edit the following file and comment out the contents of the serverProxyInterceptors list: 

deploy/profileservice-jboss-beans.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<bean class="org.jboss.aspects.security.AuthenticationInterceptor">
  <constructor>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
  </constructor>
</bean>
<bean class="org.jboss.aspects.security.RoleBasedAuthorizationInterceptor">
  <constructor>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
  </constructor>
</bean>
Copy to Clipboard Toggle word wrap
Disabling Authentication for JBossWS:

To disable authentication for JBossWS, edit the following file and comment out the security-constraint: 

deploy/jbossws.sar/jbossws-management.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>ContextServlet</web-resource-name>
    <description>An example security config that only allows users with the role 'friend' to access the JBossWS console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
      <role-name>friend</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat