Applications

WildFly on Windows User Guide

| Product: WildFly on Windows

Overview

The WildFly on Windows AMI by cloudimg provides a fully preconfigured WildFly Application Server installation running on Windows Server. WildFly (formerly JBoss AS) is a flexible, lightweight, open source Java application server that implements the latest Java EE and Jakarta EE standards. It is the upstream community project for Red Hat JBoss Enterprise Application Platform.

This AMI includes WildFly 26.1.2.Final preconfigured as a Windows Service that starts automatically on boot. The WildFly Administration Console is accessible via a web browser on port 9990, and the WildFly Welcome Page is available on port 8080, giving you a fully operational application server within minutes of launching the instance.

This guide walks you through connecting to the Windows instance via Remote Desktop, managing the WildFly service, creating an administrator user for the management console, deploying Java applications, and applying security best practices.

Visit www.cloudimg.co.uk to explore the full catalogue of preconfigured AMIs available on the AWS Marketplace.

Prerequisites

Before launching the WildFly on Windows AMI, ensure you have the following in place.

AWS Account You need an active AWS account with permissions to launch EC2 instances and manage security groups.

EC2 Key Pair Create or select an existing EC2 key pair in the region where you plan to launch the instance. This key pair is required to decrypt the Windows Administrator password.

Remote Desktop Client You need a Remote Desktop Protocol (RDP) client installed on your local machine. Options include Microsoft Remote Desktop (macOS/Windows), Remmina (Linux), or any compatible RDP client.

Security Group Configuration Your security group must allow inbound traffic on the following ports:

Protocol Type Port Description
RDP TCP 3389 Remote Desktop access
TCP TCP 9990 WildFly Administration Console
TCP TCP 8080 WildFly Welcome Page and application access

Restrict RDP access to your own IP address or a trusted CIDR range. The WildFly management port (9990) should also be limited to trusted administrators only.

Minimum System Requirements

Minimum CPU Minimum RAM Required Disk Space
1 vCPU 1 GB 30 GB

For production workloads, consider a t3.medium or larger instance type with at least 4 GB of RAM for consistent performance under load.

Step by Step Setup

Step 1: Launch the Instance

  1. Open the AWS Marketplace listing for WildFly on Windows by cloudimg.
  2. Click Continue to Subscribe, then Continue to Configuration.
  3. Select your preferred AWS Region and instance type.
  4. On the launch page, choose your VPC, subnet, and assign the security group you prepared above.
  5. Select your EC2 key pair and launch the instance.

Step 2: Wait for Status Checks

Allow the EC2 instance to reach 2/2 status checks passed before attempting to connect. Windows instances may take several minutes to complete their initial boot process.

Step 3: Retrieve the Windows Administrator Password

  1. Log in to the AWS Console and navigate to EC2 > Instances.
  2. Select the radio button next to your newly launched instance.
  3. Click Actions > Security > Get Windows password.
  4. Click Browse and upload the .pem key pair file that was selected during launch.
  5. Click Decrypt password.
  6. The Administrator password will appear in plain text. Copy this value and store it securely.

Step 4: Connect via Remote Desktop

  1. Open your Remote Desktop client application.
  2. Create a new connection using the public IP address of your EC2 instance.
  3. If your instance is on a private subnet and you have a VPN connection, use the private IP address instead.
  4. Click Add or Connect.
  5. When prompted for credentials, enter:
  6. Username: Administrator
  7. Password: The decrypted password from Step 3
  8. Click Continue.
  9. If a certificate warning appears stating the certificate could not be verified back to a root certificate, click Continue to proceed.

You should now see the Windows Server desktop.

Step 5: Verify the WildFly Service Is Running

The WildFly service starts automatically on boot. To verify it is running:

  1. Open the Start Menu and search for Services.
  2. Click Services to open the Services management console.
  3. Locate the Wildfly service in the list.
  4. Verify that the Status column shows Running and Startup Type shows Automatic.

The service properties show: - Service name: Wildfly - Display name: Wildfly - Description: Wildfly Application Server - Path to executable: C:\wildfly-26.1.2.Final\bin\service\wildfly-service.exe //RS//Wildfly - Startup type: Automatic

Step 6: Verify the WildFly Welcome Page

Open a web browser and navigate to:

http://<PUBLIC_IP>:8080

You should see the WildFly Welcome Page confirming the application server is running.

Step 7: Create a Management User

Before accessing the Administration Console, you must create a management user. Open a Command Prompt as Administrator and run:

cd C:\wildfly-26.1.2.Final\bin
add-user.bat

The script will prompt you through the following steps:

  1. What type of user do you wish to add? Enter a for Management User.
  2. Username: Enter your desired username (for example, admin). If the user already exists, choose option a to update the existing user's password and roles.
  3. Password: Enter a strong password. The password must contain at least 8 characters, including 1 alphabetic character, 1 digit, and 1 non alphanumeric symbol. It must not be the same as the username or a restricted value (root, admin, administrator).
  4. Re-enter Password: Confirm the password.
  5. What groups do you want this user to belong to? Press Enter to leave blank.
  6. Is this new user going to be used for one AS process to connect to another? Enter no.

Step 8: Access the WildFly Administration Console

Navigate to the WildFly Administration Console:

http://<PUBLIC_IP>:9990

A sign in popup will appear. Enter: - Username: The management username you created (for example, admin) - Password: The password you set in the add-user script

Click Sign In. The WildFly Application Server management console will load, providing access to: - Deployments for adding and managing deployed applications - Configuration for subsystem settings and datasource creation - Runtime for monitoring server status, JVM metrics, and log files - Patching for managing WildFly full patches - Access Control for assigning user roles and permissions

Server Components

The WildFly on Windows AMI includes the following preconfigured components.

Component Version Description
WildFly 26.1.2.Final Open source Java application server (Jakarta EE and Java EE)
Java Latest compatible version Java Runtime Environment required by WildFly
Windows Server 2012 R2 or later Windows Server operating system

WildFly is installed at C:\wildfly-26.1.2.Final and is registered as a Windows Service for automatic startup.

Filesystem Layout

The AMI uses a single C: drive containing the operating system and all WildFly components.

Drive Description
C: Local disk containing Windows Server, WildFly, and Java

Key directories and their purposes:

Path Purpose
C:\wildfly-26.1.2.Final WildFly installation directory
C:\wildfly-26.1.2.Final\bin WildFly binaries, scripts, and service management tools
C:\wildfly-26.1.2.Final\bin\service Windows Service executable and configuration
C:\wildfly-26.1.2.Final\standalone Standalone server configuration, deployments, and data
C:\wildfly-26.1.2.Final\standalone\configuration Server configuration files including standalone.xml
C:\wildfly-26.1.2.Final\standalone\deployments Application deployment directory (hot deploy folder)
C:\wildfly-26.1.2.Final\standalone\log Server log files
C:\wildfly-26.1.2.Final\domain Domain mode configuration (for multi server setups)

Managing Services

The WildFly service is managed through the Windows Services console or via the command line.

Using the Windows Services Console

  1. Open the Start Menu and search for Services.
  2. Locate Wildfly in the service list.
  3. Right click to Start, Stop, Pause, Resume, or change the Startup Type.

Using the Command Line

Open a Command Prompt as Administrator:

:: Check the WildFly service status
sc query Wildfly

:: Stop the WildFly service
net stop Wildfly

:: Start the WildFly service
net start Wildfly

:: Restart the WildFly service
net stop Wildfly && net start Wildfly

Using PowerShell

# Check service status
Get-Service Wildfly

# Stop the service
Stop-Service Wildfly

# Start the service
Start-Service Wildfly

# Restart the service
Restart-Service Wildfly

Changing the Startup Type

To prevent WildFly from starting automatically on boot:

sc config Wildfly start=demand

To re-enable automatic startup:

sc config Wildfly start=auto

Scripts and Log Files

Script or Log Path Description
add-user.bat C:\wildfly-26.1.2.Final\bin Create or modify management and application users
standalone.bat C:\wildfly-26.1.2.Final\bin Start WildFly in standalone mode (manual start)
jboss-cli.bat C:\wildfly-26.1.2.Final\bin WildFly command line interface for administration
server.log C:\wildfly-26.1.2.Final\standalone\log Main WildFly server log file
standalone.xml C:\wildfly-26.1.2.Final\standalone\configuration Primary server configuration file
mgmt-users.properties C:\wildfly-26.1.2.Final\standalone\configuration Management user credentials store
application-users.properties C:\wildfly-26.1.2.Final\standalone\configuration Application user credentials store

Deploying Applications

Hot Deployment

The simplest way to deploy a Java application is to copy your WAR, EAR, or JAR file into the deployments directory:

copy C:\path\to\your\application.war C:\wildfly-26.1.2.Final\standalone\deployments\

WildFly will automatically detect and deploy the application. A .deployed marker file will appear once deployment is complete. If deployment fails, a .failed marker file will be created instead.

Using the Administration Console

  1. Log in to the Administration Console at http://<PUBLIC_IP>:9990.
  2. Click Deployments on the homepage.
  3. Click Deploy an Application and browse to your WAR, EAR, or JAR file.
  4. Follow the wizard to upload and enable the deployment.

Using the CLI

Open a Command Prompt and launch the WildFly CLI:

cd C:\wildfly-26.1.2.Final\bin
jboss-cli.bat --connect
deploy C:\path\to\your\application.war

To undeploy an application:

undeploy application.war

Configuring a Datasource

To connect your application to a database, use the Administration Console:

  1. Navigate to Configuration > Subsystems > Datasources.
  2. Click Create a Datasource.
  3. Follow the wizard to specify the JDBC driver, connection URL, username, and password.
  4. Test the connection before saving.

Troubleshooting

Cannot connect via RDP

  • Confirm the instance has reached 2/2 status checks in the EC2 console.
  • Verify your security group allows inbound TCP traffic on port 3389 from your IP address.
  • Ensure you are using the correct decrypted Administrator password.
  • Try using the private IP address if you have a VPN connection to the VPC.

WildFly service is not running

  • Open Services and check the status of the Wildfly service.
  • If the service has stopped, check the server log at C:\wildfly-26.1.2.Final\standalone\log\server.log for error messages.
  • Ensure there is sufficient disk space on the C: drive.
  • Verify that Java is properly installed: open a Command Prompt and run java -version.

Cannot access the Administration Console on port 9990

  • Verify the Wildfly service is running.
  • Ensure you have created a management user using the add-user.bat script. The console requires authentication and will not be accessible without a management user.
  • Check that port 9990 is open in your security group.
  • If accessing from the local server, try http://localhost:9990.

Cannot access the Welcome Page on port 8080

  • Verify the Wildfly service is running.
  • Check that port 8080 is open in your security group.
  • Review the server log for startup errors.

Deployment fails

  • Check for .failed marker files in the deployments directory.
  • Review the server log at C:\wildfly-26.1.2.Final\standalone\log\server.log for deployment error details.
  • Verify the application is compatible with the installed WildFly version.
  • Ensure there is sufficient disk space for the deployment.

Password requirements not met during add-user

  • The password must be at least 8 characters long.
  • It must contain at least 1 alphabetic character, 1 digit, and 1 non alphanumeric symbol.
  • It must not match the username or be a restricted value such as root, admin, or administrator.

Port conflicts

  • If port 8080 or 9990 is already in use by another application, WildFly may fail to start.
  • Check for conflicting services: netstat -an | findstr 8080 or netstat -an | findstr 9990.

Security Recommendations

Change the Windows Administrator Password

After first login, change the default Administrator password through Windows:

  1. Press Ctrl+Alt+Del (or use the RDP client's equivalent).
  2. Select Change a password.
  3. Enter the current password and set a new strong password.

Note: Once you change the password, it cannot be retrieved again from the AWS Console.

Restrict RDP Access

Limit RDP (port 3389) to specific trusted IP addresses in your security group. Never expose RDP to 0.0.0.0/0. Consider using a bastion host or AWS Systems Manager for remote access.

Restrict Management Console Access

Port 9990 provides full administrative control over the WildFly server. Only open this port to trusted administrator IP addresses. For production environments, consider binding the management interface to localhost only and using SSH tunnelling or RDP to access it.

Use Strong Management Passwords

When creating management users with add-user.bat, use strong passwords that meet enterprise password policy requirements. The password should be different from the Windows Administrator password.

Enable Windows Firewall

In addition to AWS security groups, ensure Windows Firewall is configured to restrict inbound traffic to only the required ports.

Apply Windows Updates

Keep the Windows Server operating system up to date with the latest security patches:

  1. Open Server Manager.
  2. Navigate to Windows Update.
  3. Check for and install available updates.

Apply WildFly Patches

Monitor WildFly security advisories and apply patches through the Administration Console's Patching section or by downloading updated releases from the WildFly website.

Enable HTTPS

For production deployments, configure WildFly to use HTTPS with a TLS certificate for both the application port (8080 replaced by 8443) and the management port. Update the standalone.xml configuration to add an SSL context.

Remove the Default Welcome Page

For production deployments, consider disabling the default welcome page to avoid exposing server information. This can be done through the Administration Console under Configuration.

Backup Configuration and Deployments

Regularly back up the WildFly configuration and deployed applications. Use AWS EBS snapshots for volume level backups or manually copy the standalone\configuration and standalone\deployments directories to a safe location.

Support

If you encounter any issues not covered in this guide or need further assistance, the cloudimg support team is available 24/7.

Email: support@cloudimg.co.uk Phone: (+44) 02045382725 Website: www.cloudimg.co.uk Address: 3rd Floor, 86 90 Paul Street, London, EC2A 4NE

When contacting support, please include your EC2 instance ID, the AWS region, and a description of the issue along with any relevant log output or screenshots.