Hi I have been looking into the $subject issue in the github c5 repo [1] and following is the summary of the findings till date.
- There is a simple inbuilt authentication and authorization mechanism in JMX using password and access files. Roles can be specified with either readOnly or readWrite privileges [2]. - *readOnly* does not allow to change values or to invoke operations but can monitor - *readWrite *gives the total control over the server which allows to change values and invoke operations - Both password and access files are properties based text files for specifying username/password pairs and username/access pairs respectively. - The password and access files could reside anywhere in the server and should be provided upon server startup. - SSL is enabled by default for remote monitoring and thus the SSL should be configured properly after setting up a digital certificate. System properties for keystore and truststore should be set in the server. [1] https://github.com/wso2/carbon-kernel/issues/1247 [2] http://docs.oracle.com/javase/7/docs/technotes/ guides/management/agent.html <http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html> Thanks. Regards, Asma -- Asma Zinneera Jabir Software Engineer WSO2 Inc: http://wso2.com/ Contact No: +94 77 332 4752 <+94%2077%20332%204752>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev