Author: markt
Date: Mon Aug 10 12:57:09 2009
New Revision: 802774
URL: http://svn.apache.org/viewvc?rev=802774&view=rev
Log:
Improve the JMX remote docs before proposing a backport
Modified:
tomcat/trunk/webapps/docs/config/listeners.xml
Modified: tomcat/trunk/webapps/docs/config/listeners.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=802774&r1=802773&r2=802774&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/listeners.xml (original)
+++ tomcat/trunk/webapps/docs/config/listeners.xml Mon Aug 10 12:57:09 2009
@@ -154,7 +154,7 @@
behind a firewall. Only these ports are configured via the listener. The
remainder of the configuration is via the standard system properties for
configuring JMX. For further information on configuring JMX see
- <a href="http://java.sun.com/j2se/1.6.0/docs/guide/management/agent.html";>
+ <a
href="http://java.sun.com/javase/6/docs/technotes/guides/management/agent.html";>
Monitoring and Management Using JMX</a> included with the Java SDK
documentation.</p>
@@ -165,16 +165,31 @@
</source>
with the following system properties set (e.g. in setenv.sh):
<source>
--Dcom.sun.management.jmxremote.password.file=${catalina.base}/conf/jmxremote.password
--Dcom.sun.management.jmxremote.access.file=${catalina.base}/conf/jmxremote.access
+-Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password
+-Dcom.sun.management.jmxremote.access.file=$CATALINA_BASE/conf/jmxremote.access
+-Dcom.sun.management.jmxremote.ssl=false
+</source>
+ $CATALINA_BASE/conf/jmxremote.password containing:
+<source>
+admin letmein
+</source>
+ $CATALINA_BASE/conf/jmxremote.access containing:
+<source>
+admin readwrite
</source>
then opening ports 10001 (RMI Registry) and 10002 (JMX/RMI Server) in your
firewall would enable jconsole to connect to a Tomcat instance running
- behind a firewall.
+ behind a firewall using a connection string of the form:
+<source>
+service:jmx:rmi://<hostname>:10002/jndi/rmi://<hostname>:10001/jmxrmi
+</source>
+ with a user name of <code>admin</code> and a password of
+ <code>letmein</code>.
</p>
- <p><strong>JMX access should be considered equivalent to administrative
- access and secured accordingly.</strong></p>
+ <p><strong>Note that the example above does not use SSL. JMX access should
+ be considered equivalent to administrative access and secured accordingly.
+ </strong></p>
<p>This listener must only be nested within a <a
href="server.html">Server</a>
element.</p>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
