Set Up JBoss Server Authentication

We support vulnerability and compliance scans for JBoss servers. Simply create a JBoss Server record with details about your JBoss installation and operating mode. The same record may include details for both Windows and Unix installations.

System created authentication records

Did you know? You can allow the system to create JBoss Server authentication records for auto discovered instances and scan them.

Learn how to set this up >>

Which technologies are supported?

For the most current list of supported authentication technologies and the versions that have been certified for VM and PC by record type, please refer to the following article: 

Authentication Technologies Matrix

How do I get started?

- Go to Scans > Authentication.

- Check that you already have a record defined for each host running a JBoss server. For Windows hosts, a Windows record is required, and the record must have domain type "NetBIOS, User-Selected IPs" with the IP address assigned or the domain type "NetBIOS, Service-Selected IPs". For Unix hosts, a Unix record is required and must have the IP address assigned.

- Create a JBoss Server record for the same host (IP). Go to New > Applications > JBoss Server.

- Before launching a vulnerability scan pick Windows, Unix and JBoss Server authentication in your option profile. (All authentication options are used automatically for compliance scans.)

Note: If the Network Support feature is enabled, then the Windows/Unix record must have the same network selected as the JBoss server record.

Tell me about user permissionsTell me about user permissions

Managers can add authentication records. Unit Managers must be granted the permission Create/edit authentication records/vaults.

JBoss Server Record Settings

See help below for the settings that appear on each of the tabs within the JBoss Server record.

Record TitleRecord Title

This section has basic settings for the record.

Record title tab

Title - Give the JBoss Server record a title for easy identification.

Network - (Applicable when the Network Support feature is enabled.) Select the network you want to use for this JBoss Server record. The Global Default Network is selected by default but you can choose a user-created network from the list.

Status -  You can set the record as Active to enable it for authenticated scanning. Set it as Inactive to disable it.

Windows/Unix Configuration Windows/Unix Configuration 

Choose the Domain Controller or Standard operating mode to manage multiple JBoss Application Server instances from a single control point. You'll need to tell us where the Root directory, Base directory and Domain controller are installed.

Setting Windows and Unix Configuration.

Sample Configurations

Windows - Wildfly Standalone mode:

Root Directory - C:\wildfly11

Base Directory - C:\wildfly11\standalone

Base Configuration Directory - C:\wildfly11\standalone\configuration

Configuration File Path - C:\wildfly11\standalone\configuration\standalone.xml

 

Windows - Wildfly Domain Controller mode:

Root Directory - C:\wildfly11

Base Directory - C:\wildfly11\domain

Base Configuration Directory - C:\wildfly11\domain\configuration

Domain Configuration File Path - C:\wildfly11\domain\configuration\domain.xml

Host Configuration File - C:\wildfly11\domain\configuration\host.xml

 

Unix - JBoss Standalone mode:

Root Directory - /jboss-eap-6.3

Base Directory - /jboss-eap-6.3

Base Configuration Directory - /jboss-eap-6.3/standalone

Configuration File Path - /jboss-eap-6.3/standalone/configuration/standalone.xml

 

Unix - Wildfly Standalone mode:

Root Directory - /opt/wildfly-11.0.0.Final

Base Directory - /opt/wildfly-11.0.0.Final/standalone

Base Configuration Directory - /opt/wildfly-11.0.0.Final/standalone/configuration

Configuration File Path - /opt/wildfly-11.0.0.Final/standalone/configuration/standalone.xml

 

Unix - Wildfly Domain Controller mode:

Root Directory - /opt/wildfly-11.0.0.Final

Base Directory - /opt/wildfly-11.0.0.Final/domain

Base Configuration Directory - /opt/wildfly-11.0.0.Final/domain/configuration

Domain Configuration File Path - /opt/wildfly-11.0.0.Final/domain/configuration/domain.xml

Host Configuration File - /opt/wildfly-11.0.0.Final/domain/configuration/host.xml

 

Unix - Jboss Domain Controller mode:

Root Directory - /jboss-eap-6.3

Base Directory - /jboss-eap-6.3/domain

Base Configuration Directory - /jboss-eap-6.3/domain/configuration

Domain Configuration File Path - /jboss-eap-6.3/domain/configuration/domain.xml

Host Configuration File - /jboss-eap-6.3/domain/configuration/host.xml

IPv4/IPv6IPv4/IPv6

Enter or select the target compliance hosts (IPs) that you want to authenticate to with the credentials provided in this record. Each IP may be included in one JBoss Server record. Each IP may be included in one Infoblox record. You can add IPv4 and IPv6 addresses to your JBoss Server record.

IPs

Select IPs/Ranges - Click this link to select IPs/ranges from a list of IPs of IPv4 and IPv6 in your account.

Select Asset Group - Click this link to add IP addresses from asset groups in your account. In the Add IPs from Asset Group window, you'll see the groups listed with the IPs (IPv4 and IPv6) included in each group. There's also a search option so you can quickly find groups in the list. Select one or more groups and click Add. The IPs from the selected groups will be added to the record.

Remove - Click this link to remove IPs/ranges (IPv4 and IPv6) from the record. This is especially useful if you want to remove one or more IPs (IPv4 and IPv6) from within an IP range. In the pop-up that appears, enter the IPs/ranges to remove, and click Remove. The IPs section in the record will be updated with the IPs removed. 

Clear - Click this link to clear the entire IPv4 field.

Display each IP/Range on new line - Check this option to arrange each IPv4 address and IPv4 range on a new line instead of the comma-separated list.

CommentsComments

Provide important notes or comments for this record. 

comments