Secure the JBOSS server

CM System ships with the JBOSS application server.  JBOSS provides several system features that should be secured in a default installation.  The zip files linked to from this article can be extracted into an existing CM System installation to secure the following JBOSS services:

Status Servlet

Web Console

JMX Console

Invoker

Example files for CM System 6.7

Example files for CM System 7.x

Steps to Apply the Example Configuration

  • Download the files that are appropriate for your CM System version and save the zip file into the root of the installation tree.  C:\Rhythmyx by default. 
  • Stop the Rhythmyx instance and backup your installation tree. 
  • Extract the zip file to the Rhythmyx directory, overwriting existing configuration files. 

After extracting the files.  The Login Configuration needs to be updated.

Navigate to the Rhythmyx\AppServer\server\rx\conf\props directory.

The default security profile uses properties files to hold Roles and Users and Passwords.  The default password should be changed in each property file in this directory.  For example, to change the JMX administration user, edit the jmx-console-users.properties file, and change line:

# A sample users.properties file for use with the UsersRolesLoginModule
admin=admin
To

admin=newpassword

After configuring these files, the server can be restarted.  

The RX Services application also needs to be secured.  This is covered in the How To Secure the RX Services application article.

NOTE: JBOSS supports a myriad of  security options, this configuration is very basic and can be further secured depending on requirements.  For more information on this, please see the JBOSS documentation