KB95783448: Automation Engine - Can the JBoss version be upgraded to version 6

Question

Can the JBoss version be upgraded to version 6?

Your IT department is stating that Automation Engine is using Tomcat JBoss v4. They have determined that this version is a security risk.

Answer

The JBoss cannot be upgraded.

First of all, the webserver in the Automation Engine appserver is running on port 8080, this port is protected and should be protected by the firewall protecting the intranet from the customer, so the JMX and WS services mentioned can only be accessed on the intranet, not from the internet.

If you want to protect your installation against internal attacks, you can completely remove the JMX and WS services since they are normally not used in production.

Version 12

To do so, remove the following files from your appserver installation:

• C:\Esko\bg_prog_appsrv_v040_\jboss\server\default\deploy\jbossws14.sar
• C:\Esko\bg_prog_appsrv_v040_\jboss\server\default\deploy\jmx-console.war
• C:\Esko\bg_prog_appsrv_v040_\jboss\server\default\deploy\jmx-invoker-service.xml

Version 14

You can find those files in %bg_prog_fastserver_v140%\jboss\server\default\deploy

• C:\Esko\bg_prog_fastserver_v140_\jboss\server\default\deploy\jbossws14.sar
• C:\Esko\bg_prog_fastserver_v140_\jboss\server\default\deploy\jmx-console.war
• C:\Esko\bg_prog_fastserver_v140_\jboss\server\default\deploy\jmx-invoker-service.xml