Chapter 4. Securing the Management Console

Abstract

The default setting for Access-Control-Allow-Origin header for the AMQ Management Console permits unrestricted sharing. To restrict access to the AMQ Management Console, create an access management file which contains a list of the allowed origin URLs. To implement the restrictions, add a system property that references the access management file

4.1. Controlling Access to the Fuse Management Console
링크 복사

Create an access management file called access-management.xml in <installDir>/etc/. The access management file must contain <allow-origin> sections within a <cors> section. The <allow-origin> section can contain the origin URL provided by browsers with the Origin: header, or a wildcard specification with *. For example:

<cors>
   <!-- Allow cross origin access from www.jolokia.org ... -->
   <allow-origin>http://www.jolokia.org</allow-origin>
   <!-- ... and all servers from jmx4perl.org with any protocol -->
   <allow-origin>*://*.jmx4perl.org</allow-origin>
   <!-- optionally allow access to web console from localhost -->
   <allow-origin>http://localhost:8181/*</allow-origin>
   <!-- Check for the proper origin on the server side, too -->
   <strict-checking/>
</cors>

<cors>
   <!-- Allow cross origin access from www.jolokia.org ... -->
   <allow-origin>http://www.jolokia.org</allow-origin>
   <!-- ... and all servers from jmx4perl.org with any protocol -->
   <allow-origin>*://*.jmx4perl.org</allow-origin>
   <!-- optionally allow access to web console from localhost -->
   <allow-origin>http://localhost:8181/*</allow-origin>
   <!-- Check for the proper origin on the server side, too -->
   <strict-checking/>
</cors>

Copy to Clipboard

Toggle word wrap

Add the following line to AMQ config script ./bin/setenv, adding the path to the access management file.

export EXTRA_JAVA_OPTS='-Djolokia.policyLocation=file:etc/access-management.xml'

export EXTRA_JAVA_OPTS='-Djolokia.policyLocation=file:etc/access-management.xml'

Copy to Clipboard

Toggle word wrap

When the command ./bin/fuse is executed, the access management file is referenced and used to restrict access to the AMQ Management Console.

맨 위로 이동

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 4. Securing the Management Console

4.1. Controlling Access to the Fuse Management Console
링크 복사

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 4. Securing the Management Console

4.1. Controlling Access to the Fuse Management Console링크 복사링크가 클립보드에 복사되었습니다!

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

4.1. Controlling Access to the Fuse Management Console
링크 복사