Version 2

    JBoss 4.2 EAP Binds to locahost by Default

     

    Frequently, users find that when they start the JBoss 4.2 EAP server using the "all" or "production" configurations, they find they cannot make remote connections to any of the services.  The server is only bound to localhost or 127.0.0.1.  Often it is first discovered because users cannot reach the jmx-console unless they access it via the localhost URL.

     

    Binding to localhost by default is new behavior in JBoss 4.2 EAP. Information about this can be found in the $JBOSS_HOME/readme.html file. Quoting from that document:

     

    JBossAS now binds its services to localhost (127.0.0.1) by default, instead of binding to all available interfaces (0.0.0.0). This was primarily done for security reasons because of concerns of users going to production without having secured their servers properly. To enable remote access by binding JBoss services to a particular interface, simply run jboss with the -b option, but be aware you still need to secure you server properly.