SecureJBoss

Currently Being Moderated

VERSION 18

Created on: Feb 7, 2004 8:00 AM by unknownMigrationUser - Last Modified: May 7, 2009 8:34 PM by Hsing-Tsu Lai

Securing JBoss

Premise

When you first download JBoss, it comes as an easy-to-install zip file. Upon installation, you can easily deploy EJBs, web applications and a whole array of services. However, you may be suprised how easy it is to compromise the services. JBossSX can fix that by securing those functions.

These are the steps to secure the default download of JBoss:

Secure the Jmx Console
Secure a Web Application In JBoss
Remove the Invokers or Secure the Invokers
Remove or restrict RMI ClassLoading service
Secure JBossMQ (Need to change to JBoss Messaging)
Remove HSQLDB
Using JBoss Behind A Firewall
Set Up A Keystore or SSL Setup
Limit Access to Certain Clients
How to Run JBoss with a Java Security Manager

http://sourceforge.net/docman/display_doc.php?docid=20143&group_id=22866

Tags: jbossas, security

Average User Rating

(0 ratings)

Comments (1)

May 7, 2009 2:20 PM

André castanheira says:

These steps seem to be outdated, is there new steps for the new versions of Jboss?

JBoss Community

SecureJBoss

Created on: Feb 7, 2004 8:00 AM by unknownMigrationUser - Last Modified: May 7, 2009 8:34 PM by Hsing-Tsu Lai

Securing JBoss

Premise

These are the steps to secure the default download of JBoss:

Related

Post a comment

Actions

More Like This

Incoming Links

More by unknownMigrationUser