Semyon Danilov created IGNITE-13478: ---------------------------------------
Summary: Security issue in JMX configuration using ignite.sh Key: IGNITE-13478 URL: https://issues.apache.org/jira/browse/IGNITE-13478 Project: Ignite Issue Type: Bug Components: control.sh Affects Versions: 2.8.1 Reporter: Semyon Danilov Assignee: Semyon Danilov Fix For: 2.9 At the moment we have the following code: *functions.sh* {{JMX_PORT=`"$JAVA" -cp "${IGNITE_LIBS}" org.apache.ignite.internal.util.portscanner.GridJmxPortFinder` # # This variable defines necessary parameters for JMX # monitoring and management. # # This enables remote unsecure access to JConsole or VisualVM. # # ADD YOUR ADDITIONAL PARAMETERS/OPTIONS HERE # if [ -n "$JMX_PORT" ]; then JMX_MON="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=${JMX_PORT} \ -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"}} So the properties -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false will be set always and there is no way to change them. -- This message was sent by Atlassian Jira (v8.3.4#803005)