Hi Dave, you need to add the monitor role to HAWTIO_ROLE in artemis.profile and the access for the isActive method in management.xml.
Execute the following steps to get a working example: 1) create a new broker instance: ./bin/artemis create broker --user admin --password admin --require-login 2) add test user with monitor role echo -e "\ntest = test" >> ./broker/etc/artemis-users.properties echo -e "\nmonitor = test" >> ./broker/etc/artemis-roles.properties 3) add the monitor role to HAWTIO_ROLE in artemis.profile sed -i "s/HAWTIO_ROLE='amq'/HAWTIO_ROLE='amq,monitor'/" ./broker/etc/artemis.profile 4) add the access for the isActive method in management.xml sed -i 's/org.apache.activemq.artemis">/org.apache.activemq.artemis"><access\ method="isActive"\ roles="amq,monitor"\/>/' ./broker/etc/management.xml 5) run the broker ./broker/bin/artemis run 6) read the Active attribute curl -H "Origin:http://localhost:8161"; -u test:test http://localhost:8161/console/jolokia/read/org.apache.activemq.artemis:broker=\ "0.0.0.0\"/Active {"request":{"mbean":"org.apache.activemq.artemis:broker=\"0.0.0.0\"","attribute":"Active","type":"read"},"value":true,"timestamp":1637271157,"status":200} Regards, Domenico On Thu, 18 Nov 2021 at 18:16, David Martin <dav...@qoritek.com> wrote: > Hi all, > > I'm trying to configure role access via the Jolokia REST API for the single > attribute "Active" on the "org.apache.activemq.artemis" domain. > > I have a user with a role "monitor" and want them to be able to access > nothing but the above attribute via e.g. > /console/jolokia/read/org.apache.activemq.artemis:broker=*/Active. The > manual regarding management.xml is clear about *method *access e.g. "get*" > but has no examples for *attribute *access. > > Having spent about an hour on it I'm really stuck. Any help would be > appreciated. > > > Cheers, > > Dave >
