3.6 JMXInvokerServlet configuration - 'usersProperties = props/jmx-console-users.properties'

Information

The jmx-invoker-service.xml is a service that exposes the JMX MBeanServer interface via an RMI compatible interface using the RMI/JRMP detached invoker service. Access control for authenticated users must be configured using the interceptors of either org.jboss.jmx.connector.invoker.RolesAuthorization or org.jboss.jmx.connector.invoker.ExternalizableRolesAuthorization.

Solution

Open JBOSS_HOME/server/@[email protected]/deploy/jmx-invoker-service.xml, and ensure the <operation> element with child element <name>invoke</name> also contains the following <interceptor>:

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-3, 800-53|AC-6, 800-53|IA-2, 800-53|IA-3, CAT|I

Plugin: Unix

Control ID: 7a5579a07a1c05d29f5830890160b4229cd14577d81786052ea3d4e8029099e0