I meant o.a.k.management.cfg's jmxRealm field -D
On Wed, Jul 6, 2011 at 4:00 PM, Dan Tran <[email protected]> wrote: > My be I can enhance o.a.k.management to disable user/pass > authentication if the 'realm' field is empty? > > -D > > On Wed, Jul 6, 2011 at 2:53 PM, David Jencks <[email protected]> wrote: >> Hi Dan, >> >> I was thinking about this too recently.... geronimo has pretty much the same >> code for user/pw jmx auth and also client cert auth. Geronimo's user/pw >> code is slightly more functional than karaf's in that it provides logout >> functionality. At the moment it is not controlled by config admin. >> >> If you'd like to take a look and repurpose the geronimo code its at >> >> https://svn.apache.org/repos/asf/geronimo/server/trunk/framework/modules/geronimo-jmx-remoting >> >> There's a bunch of GBeanInfoBuilder goo in there that is geronimo specific. >> Basically you should take it out after using it as a guide for what to >> expose via config admin. >> >> If I had time and were working on this :-) I would use Declarative Services >> and write a component that depending on a flag in config admin would set up >> either the user/pw jmx connector/authenticator or the client cert one, >> looking for different properties in config admin for each. It's presumably >> possible to do this with blueprint as well. >> >> hope this helps >> david jencks >> >> On Jul 6, 2011, at 1:39 PM, Dan Tran wrote: >> >>> Hi I am in the process of getting my Karaf's JMX to accept only SSL >>> with client certificate. But first, how do I turn off the normal >>> user/password ( karaf/karaf ) authentication? >>> >>> the etc/o.a.k.management.cfg does not seem to provide a way to do just that. >>> >>> Thanks >>> >>> >>> -Dan >> >> >
