Dan, Retry your authentication stuff with trunk now.. I enabled the RMI support.
Paul On 5/4/07, Mondain <[EMAIL PROTECTED]> wrote:
There shouldn't be any more jmx exceptions as far as unregistration and attribute update, but if there are i'd ask that you put in a jira issue. I simplified the unreg and attr updates just this morning. On 5/4/07, Dan Rossi <[EMAIL PROTECTED]> wrote: > > java service wrapper is set to login as administrator, set read > permissions only to administrator still get that read access error on > windows anyway. There is more problems with exceptions atm though. > > Mondain wrote: > > I see youre having a bit of trouble, so ill try to get jmx auth > > working on my box this weekend... Ill let you know how it goes. > > > > Paul > > > > On 5/4/07, *Dan Rossi * < [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > OK it got a bit much damn windows, had to turn authentication off. > > > > Dan Rossi wrote: > > > OK getting things to work in the java service wrapper isnt as > > easy, not > > > even adding the conf directory to the classpath worked, had to > > give full > > > path. The next problem is fixing permissions on the password > > file for > > > the user logged in as for the service still doesnt work and > > causes errors :\ > > > > > > Dan Rossi wrote: > > > > > >> OK I added conf to the classpath in eclipse and can load the > > conf file > > >> like this in the java args > > >> > > >> -Dcom.sun.management.jmxremote > > >> -Dcom.sun.management.config.file=conf/jmx.properties > > >> > > >> and the files can be loaded like > > >> > > >> # ################ RMI Password file location > ################## > > >> > com.sun.management.jmxremote.password.file=conf/jmxremote.password > > >> > > >> # > > >> # ################ RMI Access file location > ##################### > > >> com.sun.management.jmxremote.access.file=conf/jmxremote.access > > >> > > >> edited red5.sh to > > >> > > >> exec $JAVA -Djava.security.manager > > >> -Djava.security.policy=conf/red5.policy > > -Dcom.sun.management.jmxremote > > >> -Dcom.sun.management.config.file=conf/jmx.properties -cp > > >> red5.jar:conf:$CLASSPATH org.red5.server.Standalone > > >> > > >> > > >> Dan Rossi wrote: > > >> > > >> > > >>> Hi im not sure i understand what you mean by adding these > > files into the > > >>> classpath, how is it best to reference these stored within the > > conf > > >>> directory ? > > >>> > > >>> As for examples, to be honest its the first time ive checked > > out the > > >>> "txt" files within the docs directory. Im considering porting > and > > >>> compiling all these files into into sectioned, parted, article > > based > > >>> documentation into docbook xml and build a single pdf out of > > it , and > > >>> then it may be easier to read :) > > >>> > > >>> Mondain wrote: > > >>> > > >>> > > >>> > > >>>> Thanks for check this out Dan, > > >>>> Revision 1954 allows the html adapter to be disabled via the > > spring > > >>>> config, in fact for security purposes i disabled it by > default. > > >>>> As for the jmx.properties files, ensure that they are on the > > classpath > > >>>> and they should be found. I didnt write a complex jmx remote > > example > > >>>> since the links I provided do a much better job. > > >>>> > > >>>> > > >>>> Paul > > >>>> > > >>>> > > >>>> On 5/3/07, *Dan Rossi* < [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]> > > >>>> <mailto:[EMAIL PROTECTED] > > <mailto: [EMAIL PROTECTED]>>> wrote: > > >>>> > > >>>> Im still getting my head around this, it seems you are > > able to inject > > >>>> values into Managed bean methods correct ? IE a > > syncronised list of > > >>>> whatever, be it hosts allowed to connect, files added to > > a server side > > >>>> playlist etc ? > > >>>> > > >>>> The management is way too complex and unneccesary for me > > atm, but can > > >>>> become quite useful, ive yet to check if i can disable > > the http > > >>>> adaptor > > >>>> as its a bit of a security risk having exposed like this > > and isnt > > >>>> doing > > >>>> what I need which is resource monitoring is graphs. > > >>>> > > >>>> Here is what ive done to enable jconsole or MC4J to > connect > > >>>> remotely to > > >>>> a Red5 server, however ive had to set some paths as > > static as im not > > >>>> sure how to use env variables for this yet. > > >>>> > > >>>> The problems im facing is to enable and force SSL on the > > client > > >>>> which im > > >>>> unsure how to setup, which aparantly doesnt use the clear > > text > > >>>> password > > >>>> system, as ive just read there is a security hole. > > >>>> > > >>>> I think next is to also add the snmp agent so our cacti > > graphing > > >>>> system > > >>>> is able to graph things aswell :) > > >>>> > > >>>> In eclipse debug I added some java args like so, but > > unsure how to use > > >>>> env vars instead of full paths > > >>>> > > >>>> -Dcom.sun.management.jmxremote > > >>>> > > -Dcom.sun.management.config.file=/www/red5/conf/jmx.properties > > >>>> > > >>>> This allows for local console monitoring connecting to > > >>>> org.red5.server.Standalone which will display in the > > local list, and > > >>>> also remote management with settings set in the custom > > properties > > >>>> file. > > >>>> > > >>>> conf/jmxremote.password > > >>>> > > >>>> > > ############################################################## > > >>>> # Password File for Remote JMX Monitoring > > >>>> > > ############################################################## > > >>>> > > >>>> dan secret > > >>>> > > >>>> chmod 600 jmxremote.password to enable read only access > > >>>> > > >>>> conf/jmxremote.access > > >>>> > > >>>> > > > ###################################################################### > > >>>> # Default Access Control File for Remote JMX(TM) > > Monitoring > > >>>> > > > ###################################################################### > > > > >>>> > > >>>> danielr readwrite > > >>>> > > >>>> > > >>>> Again below not sure how to set env vars instead of full > > paths to the > > >>>> password and access file. > > >>>> > > >>>> conf/jmx.properties > > >>>> > > >>>> # ################ Management Agent Port > > ######################### > > >>>> # > > >>>> # JMX RMI Agent > > >>>> com.sun.management.jmxremote.port=8004 > > >>>> # JMX SNMP Agent > > >>>> #com.sun.management.snmp.port=8005 > > >>>> > > >>>> > > > ##################################################################### > > >>>> # Optional Instrumentation > > >>>> > > > ##################################################################### > > >>>> > > >>>> # To enable thread contention monitoring, uncomment the > > following line > > >>>> # com.sun.management.enableThreadContentionMonitoring > > >>>> > > >>>> > > >>>> > > > ##################################################################### > > >>>> # SNMP Management Properties > > >>>> > > > ##################################################################### > > >>>> > > >>>> # ##################### SNMP Trap Port > > ######################### > > >>>> # To set port for sending traps to a different port use > > following line > > >>>> # com.sun.management.snmp.trap=<trap-destination-port-number> > > > >>>> > > >>>> # > > >>>> # ################ SNMP listen interface > > ######################### > > >>>> # For restricting the port on which SNMP agent listens > use > > >>>> following line > > >>>> # com.sun.management.snmp.interface=<InetAddress> > > >>>> > > >>>> # #################### SNMP ACL file > > ######################### > > >>>> #For a non-default acl file location use following line > > >>>> # com.sun.management.snmp.acl.file=/www/red5/jmxsnmp.acl > > >>>> > > >>>> > > >>>> > > > ##################################################################### > > >>>> # RMI Management Properties > > >>>> > > > ##################################################################### > > >>>> # > > >>>> # ###################### RMI SSL > > ############################# > > >>>> > > >>>> #For RMI monitoring without SSL use the following line > > >>>> com.sun.management.jmxremote.ssl=false > > >>>> # com.sun.management.jmxremote.ssl.enabled.cipher.suites= > > >>>> <cipher-suites> > > >>>> # > > >>>> com.sun.management.jmxremote.ssl.enabled.protocols= > > <protocol-versions> > > >>>> # > > com.sun.management.jmxremote.ssl.need.client.auth=true|false > > >>>> # com.sun.management.jmxremote.ssl.need.client.auth=true > > >>>> > > >>>> # > > >>>> # ################ RMI User authentication > ################ > > >>>> com.sun.management.jmxremote.authenticate=true > > >>>> > > >>>> # > > >>>> # ################ RMI Login configuration > > ################### > > >>>> # > > >>>> # com.sun.management.jmxremote.login.config=<config-name> > > >>>> # Specifies the name of a JAAS login configuration > > entry to > > >>>> use when > > >>>> # authenticating users of RMI monitoring. > > >>>> # > > >>>> # Setting this property is optional - the default > login > > >>>> configuration > > >>>> # specifies a file-based authentication that uses > the > > >>>> password file. > > >>>> # > > >>>> # When using this property to override the default > > login > > >>>> configuration > > >>>> # then the named configuration entry must be in a > > file that gets > > >>>> loaded > > >>>> # by JAAS. In addition, the login module(s) > > specified in the > > >>>> configuration > > >>>> # should use the name and/or password callbacks to > > acquire > > >>>> the user's > > >>>> # credentials. See the NameCallback and > > PasswordCallback > > >>>> classes in > > >>>> the > > >>>> # javax.security.auth.callback package for more > details. > > >>>> # > > >>>> # If the property " > > com.sun.management.jmxremote.authenticate" is > > >>>> set to > > >>>> # false, then this property and the password & > > access files are > > >>>> ignored. > > >>>> # > > >>>> > > >>>> # For a non-default login configuration use the following > > line > > >>>> # com.sun.management.jmxremote.login.config=<config-name> > > >>>> > > >>>> # > > >>>> # ################ RMI Password file location > > ################## > > >>>> > > > com.sun.management.jmxremote.password.file=/www/red5/conf/jmxremote.password > > >>>> > > >>>> # > > >>>> # ################ RMI Access file location > > ##################### > > >>>> > > > com.sun.management.jmxremote.access.file=/www/red5/conf/jmxremote.access > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> _______________________________________________ > > >>>> Red5 mailing list > > >>>> [email protected] <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>> > > >>>> http://osflash.org/mailman/listinfo/red5_osflash.org > > >>>> <http://osflash.org/mailman/listinfo/red5_osflash.org> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> -- > > >>>> The early bird may get the worm, but the second mouse gets > > the cheese. > > >>>> > > > ------------------------------------------------------------------------ > > >>>> > > >>>> _______________________________________________ > > >>>> Red5 mailing list > > >>>> [email protected] <mailto:[email protected]> > > >>>> http://osflash.org/mailman/listinfo/red5_osflash.org > > >>>> > > >>>> > > >>>> > > >>>> > > >>> _______________________________________________ > > >>> Red5 mailing list > > >>> [email protected] <mailto:[email protected]> > > >>> http://osflash.org/mailman/listinfo/red5_osflash.org > > >>> > > >>> > > >>> > > >>> > > >> _______________________________________________ > > >> Red5 mailing list > > >> [email protected] <mailto:[email protected]> > > >> http://osflash.org/mailman/listinfo/red5_osflash.org > > >> > > >> > > >> > > > > > > > > > _______________________________________________ > > > Red5 mailing list > > > [email protected] <mailto:[email protected]> > > > http://osflash.org/mailman/listinfo/red5_osflash.org > > > > > > > > > > > > _______________________________________________ > > Red5 mailing list > > [email protected] <mailto:[email protected]> > > http://osflash.org/mailman/listinfo/red5_osflash.org > > > > > > > > > > -- > > The early bird may get the worm, but the second mouse gets the cheese. > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Red5 mailing list > > [email protected] > > http://osflash.org/mailman/listinfo/red5_osflash.org > > > > > _______________________________________________ > Red5 mailing list > [email protected] > http://osflash.org/mailman/listinfo/red5_osflash.org > -- The early bird may get the worm, but the second mouse gets the cheese.
-- It is difficult to free fools from the chains they revere. - Voltaire
_______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
