Hide Forgot
Affects: Documentation (Ref Guide, User Guide, etc.), Release Notes Date of First Response: 2008-10-14 04:36:39 project_key: SOA As of the 4.2 SOA-P release, access to the consoles (hostname:8080) is restricted to localhost by default. The enterprise console (hostname:7080) in contrast is open by default.
Affects: Added: [Documentation (Ref Guide, User Guide, etc.), Release Notes]
To clarify: The standard JBoss ESB Management Console can only be accessed from localhost by default. This limitation does not apply to JON Is the intent in the "JON for SOA" product to restrict JON by default as well ? I'm a little unclear as to exactly what I am telling the customer. How does this relate to SOA? JON (even the JON for SOA) is a seperate product isn't it?
The following text is being included to the JON material in the SOA4.3 Administration Guide. WARNING Access to the JON console is not retricted to the local server like the embedded JBoss SOA Platform consoles are. This grants you greater freedom in its use but also means you cannot rely on those restrictions to ensure the security of the JON console.
Assigning to QE to verify that the change is (also) in the 4.3 CP01 docs.
Changed fixed-in version to CP02 - fix will be verified when a new version of JON is available.
Still an issue as of JON 2.3 - SOA-P 4.3 CP02
Link: Added: This issue is related to JBPAPP-3520
This warning text is still currently present in the 4.3.CP03 Admin Guide. Please confirm before CP release goes live if it should be in or out. Thanks and cheers.
This issue is not approved for SOA 4.3 CP03. If this needs to be reconsidered, please raise the issue with the SOA PM team.
Per 2/22/11 SOA-P PM meeting, closing as won't fix.
Temporarily reopening to update release note info.
Release Notes Docs Status: Added: Not Required Writer: Added: dlesage