Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Appendix A. Disabling Authentication

This appendix enables a user to disable authentication for specific services.
All specified paths in the sections below are relative to the jboss-as directory.
Disabling Authentication for JMX Console:

To disable authentication for the JMX console, edit the following file and comment out the security-constraint section: 

server/$PROFILE/deploy/jmx-console.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HtmlAdaptor</web-resource-name>
    <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>JBossAdmin</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for Web Console:

To disable authentication for the Web console, edit the following file to comment out the security-constraint section: 

server/$PROFILE/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HtmlAdaptor</web-resource-name>
    <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>JBossAdmin</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for HTTP Invoker:

To disable authentication for the http invoker, JNDIFactory, EJBInvokerServlet, and JMXInvokerServlet need to be removed from the security realm in the file: 

server/$PROFILE/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
For example, the security-constraint element should look as follows: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HttpInvokers</web-resource-name>
    <description>An example security config that only allows users with the role HttpInvoker to access the HTTP invoker servlets
    </description>
    <url-pattern>/restricted/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>HttpInvoker</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
Disabling Authentication for JMX Invoker:

To disable authentication for the JMX invoker, edit the following file to comment out the security interceptor passthrough: 

server/$PROFILE/deploy/jmx-invoker-service.xml
Copy to Clipboard Toggle word wrap
Locate the mbean section with the class org.jboss.jmx.connector.invoker.InvokerAdaptorService. In that section comment out the line that relates to authenticated users:
The following fragment should be commented out: 
<descriptors>
  <interceptors>
    <!--Uncomment to require authenticated users-->
    <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
        securityDomain="java:/jaas/jmx-console"/>
    <!--Interceptor that deals with non-serializable results-->
    <interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor"
        policyClass="StripModelMBeanInfoPolicy"/>
  </interceptors>
</descriptors>
Copy to Clipboard Toggle word wrap
Disabling Authentication for the ProfileService:

To disable authentication for the ProfileService, edit the following file and comment out the contents of the serverProxyInterceptors list: 

deploy/profileservice-jboss-beans.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<bean class="org.jboss.aspects.security.AuthenticationInterceptor">
  <constructor>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
  </constructor>
</bean>
<bean class="org.jboss.aspects.security.RoleBasedAuthorizationInterceptor">
  <constructor>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
    <parameter>
      <value-factory bean="JNDIBasedSecurityManagement" method="getAuthenticationManager" parameter="jmx-console"/>
    </parameter>
  </constructor>
</bean>
Copy to Clipboard Toggle word wrap
Disabling Authentication for JBossWS:

To disable authentication for JBossWS, edit the following file and comment out the security-constraint: 

deploy/jbossws.sar/jbossws-management.war/WEB-INF/web.xml
Copy to Clipboard Toggle word wrap
The following fragment should be commented out: 
<security-constraint>
  <web-resource-collection>
    <web-resource-name>ContextServlet</web-resource-name>
    <description>An example security config that only allows users with the role 'friend' to access the JBossWS console web application
    </description>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
      <role-name>friend</role-name>
  </auth-constraint>
</security-constraint>
Copy to Clipboard Toggle word wrap
返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat