Hi Dan, I was thinking about this too recently.... geronimo has pretty much the same code for user/pw jmx auth and also client cert auth. Geronimo's user/pw code is slightly more functional than karaf's in that it provides logout functionality. At the moment it is not controlled by config admin.
If you'd like to take a look and repurpose the geronimo code its at https://svn.apache.org/repos/asf/geronimo/server/trunk/framework/modules/geronimo-jmx-remoting There's a bunch of GBeanInfoBuilder goo in there that is geronimo specific. Basically you should take it out after using it as a guide for what to expose via config admin. If I had time and were working on this :-) I would use Declarative Services and write a component that depending on a flag in config admin would set up either the user/pw jmx connector/authenticator or the client cert one, looking for different properties in config admin for each. It's presumably possible to do this with blueprint as well. hope this helps david jencks On Jul 6, 2011, at 1:39 PM, Dan Tran wrote: > Hi I am in the process of getting my Karaf's JMX to accept only SSL > with client certificate. But first, how do I turn off the normal > user/password ( karaf/karaf ) authentication? > > the etc/o.a.k.management.cfg does not seem to provide a way to do just that. > > Thanks > > > -Dan
