On Thu, Mar 30, 2017 at 3:02 PM, Asma Jabir <[email protected]> wrote: > Hi > > I have been looking into the $subject issue in the github c5 repo [1] and > following is the summary of the findings till date. > > - There is a simple inbuilt authentication and authorization mechanism in > JMX using password and access files. Roles can be specified with either > readOnly or readWrite privileges [2]. > > - *readOnly* does not allow to change values or to invoke operations > but can monitor > - *readWrite *gives the total control over the server which allows to > change values and invoke operations > > Great work Asma! ​Will you be able to share the sample application that you implemented for verifying this functionality?
Thanks Imesh > - Both password and access files are properties based text files for > specifying username/password pairs and username/access pairs respectively. > > - The password and access files could reside anywhere in the server and > should be provided upon server startup. > > - SSL is enabled by default for remote monitoring and thus the SSL should > be configured properly after setting up a digital certificate. System > properties for keystore and truststore should be set in the server. > > [1] https://github.com/wso2/carbon-kernel/issues/1247 > [2] http://docs.oracle.com/javase/7/docs/technotes/guides/ > management/agent.html > <http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html> > > > Thanks. > > Regards, > Asma > -- > Asma Zinneera Jabir > Software Engineer > WSO2 Inc: http://wso2.com/ > Contact No: +94 77 332 4752 <+94%2077%20332%204752> > > > -- *Imesh Gunaratne* WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 W: https://medium.com/@imesh TW: @imesh lean. enterprise. middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
