Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Chapter 10. Post Installation Configuration

10.1.  Post Installation Security Configuration
复制链接

When installed from the zip archive, authentication is required to access the majority of JBoss services, including administrative services. Consoles are secured by the JAAS security domain "jmx-console". At installation this security domain has no user accounts. This is to eliminate the possibility of default username/password based attacks. Refer to Procedure 10.1, “Create jmx-console, admin-console, and http invoker user account” to create a user account to access the consoles.
To disable authentication (useful for development, but not recommended for production), refer to Appendix A, Disabling Authentication.
When installed via the graphical installer, a JAAS security domain and a user account is created as part of the install process. Even if you change the name of the JAAS security domain during installation, the users are stored in the same place. Follow the instructions in Procedure 10.1, “Create jmx-console, admin-console, and http invoker user account” to edit your user account, or create a new one.

Procedure 10.1. Create jmx-console, admin-console, and http invoker user account

This procedure creates user with access permissions to the admin and jmx consoles, and the http invoker

  1. Create a user in the default JAAS security domain

    1. Edit the file $JBOSS_HOME/server/$PROFILE/conf/props/jmx-console-users.properties.
    2. Create a username = password pair.

      Important

      The commented admin=admin username and password pair is an example of the username/password definition syntax. Do not use this for your user account.

  2. Grant permissions to user

    1. Edit the file $JBOSS_HOME/server/$PROFILE/conf/props/jmx-console-roles.properties.
    2. Create an entry for the user of the form: 
      username=JBossAdmin,HttpInvoker
      Copy to Clipboard Toggle word wrap
      JBossAdmin
      Grant the user permission to access the JMX Console and Admin Console.
      HttpInvoker
      Grant the user permission to access the httpinvoker

10.1.2. Security Configuration: Web Console
复制链接

Procedure 10.2. Create web console user account

This procedure creates a user with access permissions to the web console

  1. Create a user in the web-console JAAS security domain

    1. Edit the file web-console-users.properties in jboss-as/server/$PROFILE/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/.
    2. Create a username = password pair.

      Important

      The commented admin=admin username and password is an example of the username/password definition syntax. Do not use this for your user account.

  2. Grant permissions to user

    1. Edit the file web-console-roles.properties in jboss-as/server/$PROFILE/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/.
    2. Create an entry for the user of the form: 
      username=JBossAdmin,HttpInvoker
      Copy to Clipboard Toggle word wrap
      JBossAdmin
      Grant the user permission to access the Web-Console
      HttpInvoker
      Grant the user permission to access the HTTP Invoker

10.1.3. Security Configuration: JBoss Messaging
复制链接

JBoss Messaging makes internal connections between nodes in order to redistribute messages between clustered destinations. These connections are made with the user name of a special reserved user whose password is specified in the property suckerPassword in the configuration file:

Procedure 10.3. Set suckerPassword for JBoss Messaging:

This procedure sets the password used by JBoss Messaging in a clustered environment
  1. Edit the file jboss-as/server/$PROFILE/deploy/messaging/messaging-jboss-beans.xml.
  2. Change the suckerPassword value.
返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat