[WEB SECURITY] JBOSS JMX-Console HTTP Basic Authentication
rdx.guy at gmail.com
Thu Feb 13 14:41:22 EST 2014
If a JBOSS server is using HTTP Basic Authentication to access its
jmx-console, how safe it is?
If the above JBOSS is configured in a way, that it supports only HTTPS, how
safe HTTP Basic Authentication is?
If the above jboss is configured in a way that it uses HTTPS to access
jmx-console on one port e.g. 21017 BUT then there is another port 21018 on
which jmx-console is available on HTTP and using the same user-credentials
for HTTP Basic Authentication? How safe that is?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity