使用 SSL (HTTPS) 保护 JBoss 管理控制台不起作用

问题描述 投票:0回答:2

我正在域模式下运行 jboss-as-7.1.1.Final。当我将更改应用于 host.xml 和 domain.xml 时,我收到以下错误:

[主机控制器] 引起:javax.xml.stream.XMLStreamException:ParseError at [row,col]:[25,17] [主机控制器]消息:JBAS014789:遇到意外元素“{urn:jboss:domain:1.2}套接字绑定”

主机.XML

<host name="master" xmlns="urn:jboss:domain:1.2">

    <management>
        <security-realms>
            <security-realm name="ManagementRealm">
                <server-identities>
                    <ssl protocol="TLS">
                        <keystore path="keystore" relative-to="jboss.server.config.dir" password="password"/>
                    </ssl>
                </server-identities>
                <authentication>
                    <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                </authentication>
            </security-realm>
            <security-realm name="ApplicationRealm">
                <authentication>
                    <properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
                </authentication>
            </security-realm>
        </security-realms>
        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket-binding native="management-native"/> 
            </native-interface>
            <http-interface security-realm="ManagementRealm">
                <socket-binding http="management-console-https"/> 
            </http-interface>
        </management-interfaces>
    </management>

域.XML

            <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">
                <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
                <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
                    <ssl password="password" certificate-key-file="$PATH/keystore" protocol="TLSv1" verify-client="false" certificate-file="$PATH/keystore"/>
                </connector>
                <virtual-server name="default-host" enable-welcome-root="true">
                    <alias name="localhost"/>
                    <alias name="example.com"/>
                </virtual-server>
            </subsystem>

    <socket-binding-groups>
        <socket-binding-group name="full-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
            <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
            <socket-binding name="management-console-https" interface="management" port="${jboss.management.console.https.port:9143}"/>
            <socket-binding name="ajp" port="8009"/>
            <socket-binding name="http" port="8080"/>
            <socket-binding name="https" port="8443"/>
jboss jboss7.x
2个回答
1
投票

您应该使用 jboss-cli 而不是手动更新 XML。也就是说,您不能在管理界面中使用 socket-binding,但应该使用 socket 元素:

<http-interface security-realm="ManagementRealm">
    <socket interface="management" port="${jboss.management.http.port:9990}"/>
</http-interface>
0
投票

将“secure-port”添加到host.xml中的“http-interface”标签对我有用:

安全端口=“9143”/>

域.xml

端口=“9143”/>

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.