3.5 JMXInvokerServlet servlet configuration - 'rolesProperties = props/jmx-console-roles.properties'

Information

The jmx-invoker-service.xml is a service that exposes the JMX MBeanServer interface via an RMI compatible interface using the RMI/JRMP detached invoker service. This interface must be made unavailable to unprivileged users which can be done by using the org.jboss.jmx.connector.invoker.AuthenticationInterceptor interceptor for performing identification and authentication using JAAS.

Solution

Open JBOSS_HOME/server/@[email protected]/deploy/jmx-invoker-service.xml, and ensure the <operation> element with child element <name>invoke</name> also contains the following <interceptor>:

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-3, 800-53|AC-6, 800-53|IA-2, 800-53|IA-3, CAT|I

Plugin: Unix

Control ID: 9f27118c8773c2a18fdb0d385e27e63207fec9c3235ac835f27b9f5b1f9a4f5f