Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-10089

Security Guide instructions for Securing HTTP Invoker are actually for Securing JMX Invoker

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • TBD EAP 5
    • EAP_EWP 5.1.2
    • Documentation
    • None

      Investigations by rhn-support-jshepher surrounding JBPAPP-7410 have highlighted the fact that the content in the EAP docs suite regarding securing the HTTP Invoker is actually to do with the JMX Invoker.

      Jason recommends renaming the section to "Securing the Legacy Invokers" and advises that, since the HTTP Invoker is secured by default in EAP 5.1 and later, no content is required to replace the HTTP Invoker topic.

      This KBase article was provided as a reference point:
      https://access.redhat.com/knowledge/solutions/45530
      (Red Hat login required)

      Jason has also advised that this procedure can be tested by using telnet to confirm "we only bind the service on 4444 and 4445 to localhost", should this be required in the documentation.

      Resolving this issue will require:

      • Changing the title of the content (as mentioned above)
      • Changing references within the section from HTTP INvoker to JMX Invoker
      • Confirming that the content accurately reflects what is in the reference article linked above.
      • Requesting QA verification of the changes (including the testing advice if it is included).

      NOTE
      The content in question appears in the Installation Guide on the live docs site [1] but it has been moved to the Security Guide for the next release [2].

      1 https://access.redhat.com/knowledge/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Installation_Guide/index.html#Adminstration_Console_User_Guide-Configuration-Security-HTTPInvoker

      2 http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Security_Guide/index.html#Adminstration_Console_User_Guide-Configuration-Security-HTTPInvoker

              rdickens_jira Russell Dickenson (Inactive)
              smumford_jira Scott Thomas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: