jmx-console in JBoss 7??

오늘 재미있는 내용을 봤다. jboss 5에서 사용하던 jmx-console을 7에 올리자는 jira가 있다는 것이다.

실제 WAR받아서 디플로이를 해봤더니.. 겉으로 봐서는 잘 동작하는 것 같아 보인다.

https://issues.jboss.org/browse/WFLY-1197

물론 그냥 WAR만 넣으면 security부분이 빠져서 로그인 절차 없이 바로 들어갈수 있다. 하지만 보안이 없다는 걸 죽기 보다 싫어하는 IT인들이기에 ApplicationRealm에 연동을 해봤다. ㅋㅋ 역쉬 잘된다.

정리한 내용은

Common setting for application : web.xml ~~~ <web-app> .. <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBoss JMX Console</realm-name> </login-config> <security-role> <role-name>JBossAdmin</role-name> </security-role> </web-app> ~~~ ================================================================================================== Way 1 - Using applicationRealm and role 1.1. add user(application user) & Role EAP_HOME/bin/add-user.sh ~~~ What type of user do you wish to add? a) Management User (mgmt-users.properties) b) Application User (application-users.properties) (a): b Enter the details of the new user to add. Using realm 'ApplicationRealm' as discovered from the existing property files. Username : admin The username 'admin' is easy to guess Are you sure you want to add user 'admin' yes/no? yes Password : Re-enter Password : What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]: JBossAdmin About to add user 'admin' for r ealm 'ApplicationRealm' Is this correct yes/no? yes ~~~ 1.2.Edit jboss-web.xml ~~~ <jboss-web> <security-domain>java:/jaas/other</security-domain> </jboss-web> ~~~ Way 2 - Custom Security Domain & specific property files. 2.1. Edit standalone.xml ~~~ <security-domains> .... <security-domain name="jmx-console" cache-type="default"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="usersProperties" value="${jboss.server.config.dir}/jmx-console- users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/jmx-console- roles.properties"/> </login-module> </authentication> </security-domain> </security-domains> ~~~ 2.2. Edit jboss-web.xml ~~~ <jboss-web> <security-domain>java:/jaas/jmx-console</security-domain> </jboss-web> ~~~ 2.3. Edit property files EAP_HOME/standalone/configuration/jmx-console-users.properties ~~ admin=admin ~~ EAP_HOME/standalone/configuration/jmx-console-roles.properties ~~ admin=JBossAdmin ~~

참 재밌다...^^