TC 5.5.9 - JMX - jconsole

Thu, 16 Jun 2005 04:31:34 -0700 

Opening a remote connection with jconsole to a tomcat 5.5.9 (jdk 1.5) running 
with security manager works fine when disabling authentication 
(com.sun.management.jmxremote.authenticate=false).

Using client auth & no security manager works well, too.

Using client auth & security manager throws security exceptions:

access: access denied (javax.management.MBeanPermission -#-[-] queryNames)
java.lang.Exception: Stack trace
        at java.lang.Thread.dumpStack(Thread.java:1158)
        at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:253)
        at 
java.security.AccessController.checkPermission(AccessController.java:427)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at 
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1707)
        at 
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.queryNames(DefaultMBeanServerInterceptor.java:500)
        at 
com.sun.jmx.mbeanserver.JmxMBeanServer.queryNames(JmxMBeanServer.java:600)
        at 
com.sun.jmx.remote.security.MBeanServerAccessController.queryNames(MBeanServerAccessController.java:466)
        at 
javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)
        at 
javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
        at 
javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1245)
        at java.security.AccessController.doPrivileged(Native Method)

In my opinion all packages and classes in the stack trace are in rt.jar, so 
they do have AllPermission.

Why do I get these excpetion(s) and which jars I have to give more permissions?

Gernot


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to