jboss security

I had a sinking feeling my jboss instance's security this morning. After attempting to access the jmx console remotely I decided that it was time to secure my jboss instance. At the very least this involved limiting access to jboss on my network and then making sure that jmx console access required a password.

The next step on my list is once again setting up openldap and tieing it into kerberos. After that I'll need to setup jaas in jboss to auth versus openldap.