[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Gallimore updated TOMEE-2294: -- Fix Version/s: (was: 8.0.8) 8.0.6 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.1.1, 8.0.0-M3, 7.1.2, 8.0.1 >Reporter: Frans >Priority: Major > Fix For: 8.0.6 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated TOMEE-2294: --- Fix Version/s: (was: 8.0.7) 8.0.8 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.1.1, 8.0.0-M3, 7.1.2, 8.0.1 >Reporter: Frans >Priority: Major > Fix For: 8.0.8 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Martin Wiesner updated TOMEE-2294: -- Affects Version/s: 7.1.1 7.1.2 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.1.1, 8.0.0-M3, 7.1.2, 8.0.1 >Reporter: Frans >Priority: Major > Fix For: 8.0.6 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Martin Wiesner updated TOMEE-2294: -- Affects Version/s: 8.0.0-M3 8.0.1 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 8.0.0-M3, 8.0.1 >Reporter: Frans >Priority: Major > Fix For: 8.0.6 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Gallimore updated TOMEE-2294: -- Fix Version/s: (was: 8.0.0-Final) 8.0.1 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Reporter: Frans >Priority: Major > Fix For: 8.0.1 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jean-Louis MONTEIRO updated TOMEE-2294: --- Fix Version/s: (was: 8.0.0-M4) 8.0.0-Final > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Reporter: Frans >Priority: Major > Fix For: 8.0.0-Final > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Roberto Cortez updated TOMEE-2294: -- Fix Version/s: (was: 8.0.0-M2) 8.0.0-M3 > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Reporter: Frans >Priority: Major > Fix For: 8.0.0-M3 > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (TOMEE-2294) Can't disable unauthenticated JMX on 1099
[ https://issues.apache.org/jira/browse/TOMEE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Frans updated TOMEE-2294: - Description: ActiveMQ comes bundled with a JMX host that is default on unauthenticated on port 1099. {code:java} BrokerXmlConfig = broker:(vm://broker)?useJmx=false ServerUrl = vm://broker {code} Tomee's resource configuration doesn't allow this to be disabled. The above doesn't work. This can be disabled by inspecting an activemq jar's manifest, pulling down the same version of activemq-all, and putting that in the tomee/lib directory, at which point this works: {code:java} BrokerXmlConfig = xbean:file:activemq.xml ServerUrl = vm://broker {code} {code:java} http://activemq.apache.org/schema/core; useJmx="false" brokerName="broker" useShutdownHook="false" persistent="true" start="true" schedulerSupport="false" enableStatistics="false" offlineDurableSubscriberTimeout="25920" offlineDurableSubscriberTaskSchedule="360"> {code} However, convincing the guy hosting the server to inspect JAR manifests, pull down specific jars, and maintain a second configuration file seems like a lot of effort to go to just to have the ability to disable unauthenticated access to every MBean in the VM was: ActiveMQ comes bundled with a JMX host that is default on authenticated on port 1099. {code:java} BrokerXmlConfig = broker:(vm://broker)?useJmx=false ServerUrl = vm://broker {code} Tomee's resource configuration doesn't allow this to be disabled. The above doesn't work. This can be disabled by inspecting an activemq jar's manifest, pulling down the same version of activemq-all, and putting that in the tomee/lib directory, at which point this works: {code:java} BrokerXmlConfig = xbean:file:activemq.xml ServerUrl = vm://broker {code} {code:java} http://activemq.apache.org/schema/core; useJmx="false" brokerName="broker" useShutdownHook="false" persistent="true" start="true" schedulerSupport="false" enableStatistics="false" offlineDurableSubscriberTimeout="25920" offlineDurableSubscriberTaskSchedule="360"> {code} However, convincing the guy hosting the server to inspect JAR manifests, pull down specific jars, and maintain a second configuration file seems like a lot of effort to go to just to have the ability to disable unauthenticated access to every MBean in the VM > Can't disable unauthenticated JMX on 1099 > - > > Key: TOMEE-2294 > URL: https://issues.apache.org/jira/browse/TOMEE-2294 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Reporter: Frans >Priority: Major > Fix For: 8.0.0-Final > > > ActiveMQ comes bundled with a JMX host that is default on unauthenticated on > port 1099. > {code:java} > > BrokerXmlConfig = broker:(vm://broker)?useJmx=false > ServerUrl = vm://broker > {code} > Tomee's resource configuration doesn't allow this to be disabled. The above > doesn't work. > This can be disabled by inspecting an activemq jar's manifest, pulling down > the same version of activemq-all, and putting that in the tomee/lib > directory, at which point this works: > {code:java} > > BrokerXmlConfig = xbean:file:activemq.xml > ServerUrl = vm://broker > > {code} > {code:java} > http://activemq.apache.org/schema/core; > useJmx="false" > brokerName="broker" > useShutdownHook="false" > persistent="true" > start="true" > schedulerSupport="false" > enableStatistics="false" > offlineDurableSubscriberTimeout="25920" > offlineDurableSubscriberTaskSchedule="360"> > {code} > However, convincing the guy hosting the server to inspect JAR manifests, pull > down specific jars, and maintain a second configuration file seems like a lot > of effort to go to just to have the ability to disable unauthenticated access > to every MBean in the VM -- This message was sent by Atlassian JIRA (v7.6.3#76005)