# su jboss
# cd /home/tools
# unzip jboss-4.2.3.GA.zip -d /opt/
# create group - change group id as needed
groupadd jboss
# create user - change user id as needed
useradd -g jboss -c "JBoss Admin" –G root jboss
# vim /etc/profile
JBOSS_HOME=/opt/jboss-4.2.3.GA
PATH=$PATH:$JBOSS_HOME/bin
export JBOSS_HOME PATH
# source /etc/profile
# echo $JBOSS_HOME
# chmod -Rf 755 $JBOSS_HOME
# vim jboss_init_redhat.sh
Add at front:
#JBOSS_HOST=${JBOSS_HOST:-"0.0.0.0"}
JBOSS_HOST=${JBOSS_HOST:-"10.240.135.18"}
Update the attributes:
JBOSS_HOME=${JBOSS_HOME:-"/opt/jboss-4.2.3.GA"}
JBOSS_USER=${JBOSS_USER:-"jboss"}
JAVAPTH=${JAVAPTH:-"/usr/java/jdk1.5.0_16/bin"}
JBOSS_CONF=${JBOSS_CONF:-”default”}
#if JBOSS_HOST specified, use -b to bind jboss services to that address
JBOSS_BIND_ADDR=${JBOSS_HOST:+"-b $JBOSS_HOST"}
#JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF"}
JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF $JBOSS_BIND_ADDR"}
Config for the shut down
#JBOSSCP=${JBOSSCP:-"$JBOSS_HOME/bin/shutdown.sh -S -s $JBOSS_HOST"}
JBOSS_CMD_STOP=${JBOSS_CMD_STOP:-"cd $JBOSS_HOME/bin; $JBOSSCP"}
# vim run.conf
Update [Xmx can be set as the 80% of the max available memory]:
JAVA_OPTS=-Xms512m –Xmx1024m
Security jmx-console:
#vim deploy/jmx-console.war/WEB-INF/jboss-web.xml
Uncomment this part:
<security-domain>java:/jaas/jmx-console</security-domain>
#vim deploy/jmx-console.war/WEB-INF/web.xml
Uncomment this part:
<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
<description>An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
Check the user file path of jmx-console:
#cat conf/login-config.xml
Update the user & password [Format username=password]:
#vim conf/props/jmx-console-users.properties
admin=########
Security web-console:
#vim deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
Uncomment this part:
<jboss-web>
<depends>jboss.admin:service=PluginManager</depends>
</jboss-web>
#vim deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
Uncomment this part:
<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
<description>An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
Check the user file path of web-console:
#cat conf/login-config.xml
Update the user & password [Format username=password]:
#vim console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
admin=########
Security invoker
Uncomment this paragraph in the “/deploy/jmx-invoker-service.xml” file.
<!-- Uncomment to require authenticated users
<interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
securityDomain="java:/jaas/jmx-console"/>
-->
