0

我在域模式下运行 JBoss AS 7。当我将更改应用到 host.xml 时,我收到以下错误。

[主机控制器] 消息:JBAS014789:遇到意外的元素“{urn:jboss:domain:1.2}socket-binding”

我遵循了这个参考指南。

https://community.jboss.org/wiki/SecuringAdministrationConsoleWithHttps

主机.xml

<management>
        <security-realms>
            <security-realm name="ManagementRealm">
                <authentication>
                    <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                </authentication>
<server-identities>
<ssl>
<keystore path=".keystore" relative-to="jboss.home.dir" password="changeit"/>
</ssl>
</server-identities>
            </security-realm>
            <security-realm name="ApplicationRealm">
                <authentication>
                    <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                </authentication>
            </security-realm>
        </security-realms>
        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket interface="management" port="${jboss.management.native.port:9999}"/>
            </native-interface>
            <http-interface security-realm="ManagementRealm">
                <socket interface="management" port="${jboss.management.http.port:9990}"/>
                <socket-binding https="management-https"/>
            </http-interface>
        </management-interfaces>
    </management>

谢谢!

4

2 回答 2

0

对特定行和列的配置文件进行正确更改,如堆栈跟踪 ParseError 中所示[row,col]:[x,y]

于 2013-12-26T00:26:00.250 回答
0

我一直在处理同样的问题,由于多种原因,这很棘手。我已经列出了对standalone.xml的更改,这些更改让我继续前进。不用说,您需要构建一个密钥库以供参考。

此配置中最有问题的部分是management.security-realms.security-realm<ssl>中的元素使用的语法与配置 .security-realm 中的元素时不同。我在这里列出了这两个元素以显示对比。您实际上不需要为 Web 服务配置 SSL 来保护您的控制台。我添加了额外的细节来展示它们的不同之处。 <ssl><subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">


    <management>
    <security-realms>
        <security-realm name="ManagementRealm">
            <server-identities>
                <ssl protocol="TLS">
                  <keystore path="/my/path/to/certs/my_cert.jks" keystore-password="mypass"/>
                </ssl>
            </server-identities>
            <authentication>
                <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
            </authentication>
        </security-realm>
    </security-realms>
    <management-interfaces>
        <native-interface security-realm="ManagementRealm">
            <socket-binding native="management-native"/>
        </native-interface>
        <http-interface security-realm="ManagementRealm">
            <socket-binding http="management-console-https"/>
        </http-interface>
    </management-interfaces>
</management>
.
.
.
<profile>
.
.
.
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
        <ssl password="mypass" certificate-key-file="/my/path/to/certs/my_cert.jks" protocol="TLSv1" verify-client="false" certificate-file="/my/path/to/certs/my_cert.jks"/>
    </connector>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
    </virtual-server>
</subsystem>
.
.
.
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
    <socket-binding name="http" port="8080"/>
    <socket-binding name="https" port="8443"/>
.
.
.
    <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
    <socket-binding name="management-console-https" interface="management" port="${jboss.management.console.https.port:9991}"/>


此外,由于您不会使用它,请删除旧的套接字绑定:


<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>



我希望这个对你有用。

于 2014-01-04T02:34:02.407 回答