Details
-
Bug
-
Resolution: Done
-
Major
-
JBossAS-5.0.0.CR2
-
None
Description
When I edit deploy/jmx-invoker-service.xml and uncomment the AuthenticationInterceptor one can still access the server without a password. (tried with shutdown.sh)
When I add AuthorizationInterceptor and try to shutdown server (no matter with or without a password) I get:
Exception in thread "main" java.lang.SecurityException: No active Subject found, add th AuthenticationInterceptor
... (for full stack trace, see the forum thread)
Seems that for some reason AuthenticationInterceptor is not working.
Here is how I the interceptors look like:
<interceptors>
<!-- Uncomment to require authenticated users -->
<interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
securityDomain="java:/jaas/jmx-console"/>
<interceptor code="org.jboss.jmx.connector.invoker.AuthorizationInterceptor"
authorizingClass="org.jboss.jmx.connector.invoker.RolesAuthorization"></interceptor>
<!-- Interceptor that deals with non-serializable results -->
<interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor"
policyClass="StripModelMBeanInfoPolicy"/>
</interceptors>