Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-10089

Security Guide instructions for Securing HTTP Invoker are actually for Securing JMX Invoker

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • TBD EAP 5
    • EAP_EWP 5.1.2
    • Documentation
    • None

    Description

      Investigations by rhn-support-jshepher surrounding JBPAPP-7410 have highlighted the fact that the content in the EAP docs suite regarding securing the HTTP Invoker is actually to do with the JMX Invoker.

      Jason recommends renaming the section to "Securing the Legacy Invokers" and advises that, since the HTTP Invoker is secured by default in EAP 5.1 and later, no content is required to replace the HTTP Invoker topic.

      This KBase article was provided as a reference point:
      https://access.redhat.com/knowledge/solutions/45530
      (Red Hat login required)

      Jason has also advised that this procedure can be tested by using telnet to confirm "we only bind the service on 4444 and 4445 to localhost", should this be required in the documentation.

      Resolving this issue will require:

      • Changing the title of the content (as mentioned above)
      • Changing references within the section from HTTP INvoker to JMX Invoker
      • Confirming that the content accurately reflects what is in the reference article linked above.
      • Requesting QA verification of the changes (including the testing advice if it is included).

      NOTE
      The content in question appears in the Installation Guide on the live docs site [1] but it has been moved to the Security Guide for the next release [2].

      1 https://access.redhat.com/knowledge/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Installation_Guide/index.html#Adminstration_Console_User_Guide-Configuration-Security-HTTPInvoker

      2 http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Security_Guide/index.html#Adminstration_Console_User_Guide-Configuration-Security-HTTPInvoker

      Attachments

        Issue Links

          relates to

          Bug - A problem that impairs or prevents the functions of the product. JBPAPP-7410 "Securing the HTTPInvoker" section in the Installation Guide contains content for EAP 4, and not EAP 5

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed

          Activity

            People

              rdickens_jira Russell Dickenson (Inactive)
              smumford_jira Scott Thomas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: