HOME / SUPPORT / Deploying the AcuSensor agent for JAVA - Windows/Linux (JBOSS 7.4 Standalone + WAR File)

Deploying AcuSensor for Java - Windows/Linux (JBOSS 7.4 Standalone + WAR File)

This guide explains how you can run a Java application in JBOSS and then use AcuSensor to run an interactive application security testing (IAST) scan for that application.

Step 1: Prepare AcuSensor for Java

In this example, the test application is deployed to the following URL: http://127.0.0.1:8080/axexample-java/ (in a production environment, you will need to change this to the hostname you will use for your deployment).

  1. Create a new Target for your URL.
  2. Download AcuSensor for Java from the Acunetix UI and retain the AcuSensor.jar file for the next step (AcuSensor.jar is saved to C:\acusensor\ in our example). Change the paths accordingly if you are using the Java IAST Sensor on Linux.

Step 2: Deploy AcuSensor and the required components

  • Windows: Edit the contents of the %JBOSS_HOME%\bin\standalone.conf.bat file and add the following to the bottom of the file:

rem *** Acusensor settings

set "JAVA_OPTS=%JAVA_OPTS% -Dacusensor.debug.log=ON"

set "MODULE_OPTS=-javaagent:C:\acusensor\AcuSensor.jar

  • Linux: Edit the contents of the %JBOSS_HOME%/bin/standalone.conf file and add the following to the bottom of the file:

# *** Acusensor settings

JAVA_OPTS="$JAVA_OPTS -Dacusensor.debug.log=ON"

MODULE_OPTS="-javaagent:/acusensor/acusensor.jar"

Step 3: Deploy your application and start your JBOSS server

  1. Ensure that your web application is deployed.
  2. From the command line, navigate to your %JBOSS_HOME%\bin folder, and launch JBOSS.

Step 4: Test and scan your web application

  1. Point your browser to your web application to confirm it is running as intended.
  2. Run a scan on your Target. The Activity panel will confirm that AcuSensor was detected and used for the scan.

 

« Back to the Acunetix Support Page