3.5 JMXInvokerServlet configuration - 'usersProperties = props/jmx-console-users.properties'

Information

The jmx-invoker-service.xml is a service that exposes the JMX MBeanServer interface via an RMI compatible interface using the RMI/JRMP detached invoker service. This interface must be made unavailable to unprivileged users which can be done by using the org.jboss.jmx.connector.invoker.AuthenticationInterceptor interceptor for performing identification and authentication using JAAS.

Solution

Open JBOSS_HOME/server/@[email protected]/deploy/jmx-invoker-service.xml, and ensure the <operation> element with child element <name>invoke</name> also contains the following <interceptor>:

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-3, 800-53|AC-6, 800-53|IA-2, 800-53|IA-3, CAT|I

Plugin: Unix

Control ID: 0507bc9496d424744088db19d9cf18bcdd03afc22d9da695236313b13ac3f4a0