Dear Bill,
I've been through the docs. I've been through Google. I can't seem
to figure this out.
Server: Tomcat 6.0.18, JDK: 1.6.0_07, Redhat Server 5.2
Client: jconsole from JDK 1.6.0_07 on Windows XP
I've got all of these in $CATALINA_OPTS and they do show up in
the java command line when I run ps:
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=12345
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
The Redhat server is running iptables and disallows most things that
aren't 80/443. Any other ports that are needed are generally opened
up only to specific IP's.
I've opened up the JMX port specified above on the Linux firewall:
iptables -A INPUT -s myClientsIp -p tcp -m tcp --dport 12345 -j ACCEPT
I run jconsole:
C:\PathToJava\bin>jconsole myServer.myDomain.com:12345
It can't make the connection. I've got a feeling it's something to
do with
the firewall. I've seen some stuff that suggests that there's another
unspecified port opened up but it didn't really make sense to me.
Note that the server and the client are at different facilities
connected
over the internet which is why I eventually want to get it going with
authentication and SSL but I can't even get this simple insecure
version of the connection to work.
I just spent a few hours trying to figure this out myself. The problem
you are facing is that RMI uses dynamic port allocation. The port you
are specifying is that of the RMI registry, which only acts as a
naming service.
The actual JMX port is dynamically chosen by the RMI registry, so
opening a single port on the firewall does not actually help.
The simple case will never work for your environment. You have to go
SSL for this to even work. Here is a blog post by Daniel Fuchs with a
step-by-step for ssl and single port RMI http://blogs.sun.com/jmxetc/entry/jmx_connecting_through_firewalls_using
In the end I just gave up and I now open the firewall between my dev
machine's IP and the test machine's IP when I need jconsole. I have
better things to do with my time than fight RMI. :-/
--
Kees Jan
http://java-monitor.com/forum/
[EMAIL PROTECTED]
06-51838192
Human beings make life so interesting. Do you know that in a universe
so full of wonders,
they have managed to invent boredom. Quite astonishing... -- Terry
Partchett
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
