This is based on this JBoss Wiki Page.
JBoss 6.x AS is distributed by default as not secured (locked up). If you want to work with locked up version you can try this easy way.
- Download Groovy script attached to this docment or check the latest version at https://github.com/pskopek/sec-script.
- Install Groovy:
- Use http://groovy.codehaus.org/Download
- Use your OS favourite method: Fedora: yum install groovy
- Run: groovy securejboss.groovy [JBOSS SERVER HOME]
You can specify more then one JBoss Server Home directories. In that case common/deploy content will generate warning because it already is secured.
check output for possible problems (pay special attention to warnings)
Note: Always test your installation if it is secured properly. The script currently supports JBoss AS 6.1.0.Final and 6.0.0.Final. Check later for JBoss AS 5 and 5.1 support.
The groovy script will lock everything in JBoss even the shutdown process. To enable it again you must follow this porcess :
Create a JMX user in the configuration file $JBOSS_HOME/server/default/conf/props/jmx-console-users.properties with the following pattern:USERNAME=PASSWORD
Give hime the HttpInvoker role by adding the following line to the file $JBOSS_HOME/server/default/conf/props/jmx-console-roles.properties:USERNAME=HttpInvoker
Edit the script according to your OS $SILVERPEAS_HOME/silverpeas_stop_jboss.sh or %SILVERPEAS_HOME%\silverpeas_stop_jboss.cmd to pass the USERNAME and the PASSWORD as parameters like this :sh shutdown.sh -u goliath -p CharybdeEtScylla -S