How to block external requests in Jboss?

Navigation
1

How do I block an external application from accessing my web application? Is there any way to block this?

    
asked by anonymous 25.09.2015 / 19:31

2 answers

0

In jBoss older versions, you can pass the -b parameter X.X.X.X to only your machine can request Jboss.

Source: link

In the newer version of Jboss use the -Djboss.bind.address = X.X.X.X

Where, X.X.X.X is your ip.

    
25.09.2015 / 21:59
-1

See if you can help:

link

  • Identify the web application that needs to be restricted access (Lets call this as ABCWebApp). Update the web.xml file, you will probably need to add the following lines:

    • File: /usr/local/jboss-5.1.0.GA/server/default/deploy/ABCWebApp/WEB-INF/web.xml 

    <!– add a security-contraint to

a resource in your application that needs to be

restricted –>

<security-constraint>

<web-resource-collection>

<web-resource-name>Secure Content</web-resource-name>

<url-pattern>/*</url-pattern>

<!– if you need any particular directory, you can have the pattern as /dir_name/* –>

</web-resource-collection>

<auth-constraint>

<role-name>ABCWebAppUser</role-name>

</auth-constraint>

</security-constraint>

<!– define the type of authentication mechanism to be used –>

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>ABCWebApp – Restricted Zone</realm-name>

</login-config>

<!– defie the role that are allowed to access the restricted zone –>

<security-role>

<description>The role required to access restricted content </description>

<role-name>ABCWebAppUser</role-name>

</security-role>
  • Add or update the existing jboss-web.xml file under your web application to use the security policy

    • File: /usr/local/jboss-5.1.0.GA/server/default/deploy/ABCWebApp/WEB-INF/jboss-web.xml 

    <?xml version=”1.0″ encoding=”UTF-8″?>

<jboss-web>

<context-root />

java:/jaas/ABCWebApp_Policy

<!– This policy needs to be defined in the login-config.xml –>

</jboss-web>
  • Define the policy in step 2 in login-config.xml. Add following lines

    • File: /usr/local/jboss-5.1.0.GA/server/default/conf/login-config.xml 

    <!– A template configuration for the ABCWebApp web application. This

defaults to the UsersRolesLoginModule the same as other and should be

changed to a stronger authentication mechanism as required.

–>

<application-policy name=”ABCWebApp_Policy”>

<authentication>

<login-module code=”org.jboss.security.auth.spi.UsersRolesLoginModule”

flag=”required”>

<!– define property file which has username / password –>

<module-option name=”usersProperties”>props/ABCWebApp_Policy-users.properties</module-option>

<!– define property file which has role for the above users –>

<module-option name=”rolesProperties”>props/ABCWebApp_Policy-roles.properties</module-option>

</login-module>

</authentication>

</application-policy>
  • Create the property file for the user credentials (defied in step 3)

    • File: /usr/local/jboss-5.1.0.GA/server/default/conf/props/ABCWebApp_Policy-users.properties 

    # A sample users.properties file for use with the UsersRolesLoginModule

ashish = pass1234

shukla = pass1234

ashishshukla = pass1234

ashishpshukla = pass1234
  • Create the property file for the user roles (defied in step 3), Note the roles should be defined in step 1

    • File: /usr/local/jboss-5.1.0.GA/server/default/conf/props/ABCWebApp_Policy-roles.properties 

    ashish = ABCWebAppUser

shukla = ABCWebAppUser

ashishshukla = ABCWebAppUser

ashishpshukla = ABCWebAppUser
        
    25.09.2015 / 19:42
    Doubt with foreach with group by asp.net mvc Problems with algorithm to calculate NPV and TIR