Version 3

    JBoss AS is distributed by default as not secured (locked up).

    If you want to work with locked up version you can try this easy way.

     

    1. Download Groovy script (source code at https://github.com/pskopek/sec-script).
    2. Install Groovy:
      -- use http://groovy.codehaus.org/Download
      -- use your OS favourite method: Fedora: yum install groovy
    3. run: groovy securejboss.groovy <JBOSS SERVER HOME>
      You can specify more then one JBoss Server Home directories. In that case common/deploy content will generate warning because it already is secured.
    4. check output for possible problems (pay special attention to warnings)

     

    Note: Always test your installation if it is secured properly.

     

    The script currently supports JBoss AS 6.1.0.Final and 6.0.0.Final. Check later for JBoss AS 5 and 5.1 support.

     

    Example on Fedora:

     

    1. wget https://github.com/pskopek/sec-script/raw/master/script/securejboss.groovy

    2. unzip -q ~/Downloads/jboss-as-distribution-6.1.0.Final.zip (already downloaded in $HOME/Downloads directory)

    3. sudo yum install groovy

    4. groovy securejboss.groovy jboss-6.1.0.Final/server/default/

    Output example:

    Working on ServerHome=jboss-6.1.0.Final/server/default/

    JBoss AS Version: 6.1.0.Final

    securing JBoss Security Domain: jmx-console

    Done

    securing jmx-console.war

    Done

    securing HttpInvoker

    Done

    securing JBoss Security Domain: JBossWS

    Done

    securing jbossws-console.war

    Done

    securing JMXConnector

    Done

    securing JBoss Security Domain: hornetq

    Done