I understand that access to MBeans is protected via RBAC mechanism: http://karaf.apache.org/manual/latest/users-guide/monitoring.html
However, is this also the case for code running inside Karaf? E.g. when doing MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); it seems I can access all MBeans without requiring a username/password. However, this is not reliable. Depending on startup timing (or something else), _sometimes_ I receive "Insufficient roles/credentials for operation" for a query, indicating that KarafMBeanServerGuard is intervening.
