-
Bug
-
Resolution: Done
-
Major
-
EAP_EWP 5.1.2
-
None
-
Not Required
-
NEW
Investigations by rhn-support-jshepher surrounding JBPAPP-7410 have highlighted the fact that the content in the EAP docs suite regarding securing the HTTP Invoker is actually to do with the JMX Invoker.
Jason recommends renaming the section to "Securing the Legacy Invokers" and advises that, since the HTTP Invoker is secured by default in EAP 5.1 and later, no content is required to replace the HTTP Invoker topic.
This KBase article was provided as a reference point:
https://access.redhat.com/knowledge/solutions/45530
(Red Hat login required)
Jason has also advised that this procedure can be tested by using telnet to confirm "we only bind the service on 4444 and 4445 to localhost", should this be required in the documentation.
Resolving this issue will require:
- Changing the title of the content (as mentioned above)
- Changing references within the section from HTTP INvoker to JMX Invoker
- Confirming that the content accurately reflects what is in the reference article linked above.
- Requesting QA verification of the changes (including the testing advice if it is included).
NOTE
The content in question appears in the Installation Guide on the live docs site [1] but it has been moved to the Security Guide for the next release [2].
- relates to
-
JBPAPP-7410 "Securing the HTTPInvoker" section in the Installation Guide contains content for EAP 4, and not EAP 5
- Closed