3.6 JMXInvokerServlet configuration - 'org.jboss.jmx.connector.invoker.RolesAuthorization = true'

Information

The jmx-invoker-service.xml is a service that exposes the JMX MBeanServer interface via an RMI compatible interface using the RMI/JRMP detached invoker service. Access control for authenticated users must be configured using the interceptors of either org.jboss.jmx.connector.invoker.RolesAuthorization or org.jboss.jmx.connector.invoker.ExternalizableRolesAuthorization.

Solution

Open JBOSS_HOME/server/@PROFILE@/deploy/jmx-invoker-service.xml, and ensure the <operation> element with child element <name>invoke</name> also contains the following <interceptor>:

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3, 800-53|AC-6, CAT|I

Plugin: Unix

Control ID: 41283956561dd337b068d851c1422371dfff1417e82d381d97a96dd8865386ce