Temporary vulnerability patching method : add access password to jmx-console
1. Find the jmx-console.war directory under ${jboss.server.home.dir}/deploy and edit the WEB-INF/web.xml file to remove the comment of the security-constraint block to make it work
2.编辑WEB-INF/classes/jmx-console-users.properties或server/default/conf/props/jmx-console-users.properties (version >=4.0.2)和 WEB-INF/classes/jmx-console-roles.properties
or server/default/conf/props/jmx-console-roles.properties (version >=4.0.2) add username and password
3. Edit WEB-INF/jboss-web.xml to remove the comment of the security-domain block. The mapping file for the security-domain value is login-config.xml (this file defines the login authorization method)