如何在Jboss-eap-5.1中禁用对jboss管理控制台的访问
[英]How to disable access to jboss admin console in Jboss-eap-5.1
问题描述
I have a requirement to disable access to jboss admin console. 
我需要禁用对jboss管理控制台的访问。 URL for that is http://[hostname]:[port]/admin-console/login.seam 该URL为http:// [主机名]:[端口] /admin-console/login.seam
Jboss version is jboss-eap-5.1 Jboss版本是jboss-eap-5.1
Operating System is Red Hat Enterprise Linux Server release 6.2 (Santiago) 操作系统是Red Hat Enterprise Linux Server 6.2版(圣地亚哥)
I went through blogs/sites, but most of them are talking about enabling the security for console or managing the on-demand deployment. 我浏览了博客/站点,但是其中大多数都在谈论为控制台启用安全性或管理按需部署。 But this is not what we want. 但这不是我们想要的。 In our case, No user (internal/external) should be able to access the admin console. 在我们的情况下,任何用户(内部/外部)都不能访问管理控制台。
few of them are: 其中几个是:
https://docs.jboss.org/jbossas/6/Admin_Console_Guide/en-US/html/Administration_Console_User_Guide-Accessing_the_Console.html https://docs.jboss.org/jbossas/6/Admin_Console_Guide/en-US/html/Administration_Console_User_Guide-Accessing_the_Console.html
https://www.outsystems.com/forums/discussion/10479/tip-activating-admin-console-and-jmx-console-in-jboss-5-x-and-securing-access/ https://www.outsystems.com/forums/discussion/10479/tip-activating-admin-console-and-jmx-console-in-jboss-5-x-and-securing-access/
This link talks about the same but for version 6x. 此链接讨论的内容相同,但版本6x相同。 which has different directory structure than 5x. 目录结构与5x不同。 https://access.redhat.com/solutions/192483 https://access.redhat.com/solutions/192483
Please Help!! 请帮忙!!
2 个解决方案
解决方案1
1 2016-11-24 12:58:57
You can disable the jmx console application. 您可以禁用jmx控制台应用程序。 To do it: 去做吧:
1 - Go to JBoss deploy folder 1-转到JBoss部署文件夹
2 - Rename the folder jmx-console.war to jmx-console.war.rej 2-将文件夹jmx-console.war重命名为jmx-console.war.rej
Or, you can remove the jmx-invoker service: 或者,您可以删除jmx-invoker服务:
1 - Go to JBoss deploy folder 1-转到JBoss部署文件夹
2 - Rename the file jmx-invoker-service.xml to jmx-invoker-service.xml.rej 2-将文件jmx-invoker-service.xml重命名为jmx-invoker-service.xml.rej
Ps.: Renaming the files to '.rej' is just a way to see that the files are still there (But JBoss will ignore). 附言:将文件重命名为“ .rej”只是一种查看文件仍然存在的方式(但是JBoss将忽略)。 You can as well delete these files/folders I mentioned. 您也可以删除我提到的这些文件/文件夹。
解决方案2
1 2017-12-01 05:42:54
We have finally decided how to fix this (credit to Elvis Rocha also for giving the suggestion). 我们终于决定了如何解决此问题(埃尔维斯·罗查(Elvis Rocha)也提供了该建议,以示感谢)。
For this, we have made changes at jboss level to disable below URLs 为此,我们在jboss级别进行了更改以禁用以下URL
1) To disable https://<host>:<port>/admin-console/login.seam - Rename “admin-console.war” file as “admin-console_disabled” under location <jboss_home>/server/<server_name>/deploy 1) To disable https://<host>:<port>/admin-console/login.seam Rename “admin-console.war” file as “admin-console_disabled” under location <jboss_home>/server/<server_name>/deploy
2) To disable https://<host>:<port>/jmx-console - Rename “jmx-console.war” file as “jmx-console_disabled” under location <jboss_home>/server/<server_name>/deploy 2) To disable https://<host>:<port>/jmx-console Rename “jmx-console.war” file as “jmx-console_disabled” under location <jboss_home>/server/<server_name>/deploy
3) To disable https://<host>:<port> - Rename “index.html” file as “index_disabled” under location <jboss_home>/server/<server_name>/deploy/ROOT.war 3) To disable https://<host>:<port> - Rename “index.html” file as “index_disabled” under location <jboss_home>/server/<server_name>/deploy/ROOT.war
Note - Remember that these are for jboss version 5.1. 注意 -请记住,这些是针对jboss 5.1版的。 If you have any other version then file and path might change accordingly. 如果您有其他版本,则文件和路径可能会相应更改。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.