Re: JMX authentication failure

[Pid]

On 16/03/2010 05:22, Mercy wrote:
JMX does not need to authenticate for access.

No, it doesn't, but that's what you're trying to configure isn't it?


My question that is how to enable authentication on Tomcat.

You asked how to configure authentication for JMX and Gurkan answered 
you.  Read what he wrote more carefully.

 http://tomcat.apache.org/tomcat-6.0-doc/monitoring.html

You posted the following:

 -Dcom.sun.management.jmxremote.ssl=$JMX_SSL_ENABLED
 -Dcom.sun.management.jmxremote.authenticate=$JMX_SSL_ENABLED

You have used the same variable for both of these settings, instead of 
using the separately defined $JMX_AUTHENTICATE


p




Regards,
Mercy


Paolo Santarsiero wrote:
Is your system firewalled?

On 15 March 2010 14:17, Gurkan Erdogdu <cgurkanerdo...@gmail.com> wrote:

then you answer question :)

2010/3/15 Mercy <techme...@gmail.com>

Hi Gurkan,

it's false;

regards,
Mercy


Gurkan Erdogdu wrote:

-Dcom.sun.management.jmxremote.authenticate=$JMX_SSL_ENABLED

what is the $JMX_SSL_ENABLED value?

Thanks;

2010/3/15 Mercy <techme...@gmail.com>



Hi there,

I'd like to enable JMX on Tomcat 6.0.16/Linux, export environment
variables :

* # JMX authenticate
export JMX_AUTHENTICATE=true
echo "Is JMX authenticated ? " $JMX_AUTHENTICATE
# JMX password file
export JMX_PASSWORD_FILE=$JMX_HOME/jmxremote.password
echo "The location of password file of JMX : " $JMX_PASSWORD_FILE
# JMX access file
export JMX_ACCESS_FILE=$ETC_DIR/tomcat/jmx/jmxremote.access
echo "The location of access file of JMX : " $JMX_ACCESS_FILE
export CATALINA_OPTS="-Dcom.sun.management.jmxremote

-Dcom.sun.management.jmxremote.port=$JMX_PORT
-Dcom.sun.management.jmxremote.ssl=$JMX_SSL_ENABLED

-Dcom.sun.management.jmxremote.authenticate=$JMX_SSL_ENABLED
-Djava.rmi.server.hostname=$JMX_HOST_NAME

-Dcom.sun.management.jmxremote.password.file=$JMX_PASSWORD_FILE

-Dcom.sun.management.jmxremote.access.file=$JMX_ACCESS_FILE
$CATALINA_OPTS"*


The console outputs:
*...
**Is JMX authenticated ? true
The location of password file of JMX :
/home/mercy/workspace/website/etc/tomcat/jmx/jmxremote.password
...*

The password(/owner read-only privilege/) and access file are
existed,

*me...@workspace:~/workspace/website/etc/tomcat/jmx$ pwd
/home/mercy/workspace/website/etc/tomcat/jmx
me...@workspace:~/workspace/website/etc/tomcat/jmx$ ls -ls
total 8
4 -rw-r--r-- 1 mercy mercy 160 2010-03-11 20:35 jmxremote.access
4 -rw------- 1 mercy mercy 153 2010-03-11 19:45 jmxremote.password

*

The content of jmxremote.access:

*# Author : Mercy
# Date : 11 Mar 2010
# This is a password file of JMX, whose format is like this:
# ${USER_NAME} ${PRIVILEGE}

mercy readonly
admin readwrite*

jmxremote.password:

*# Author : Mercy
# Date : 11 Mar 2010
# This is a password file of JMX, whose format is like this:
# ${USER_NAME} ${PASSWORD}

mercy mercy
admin admin*


I run the JConsole to connect JMX on Tomcat after lunching it , it
allows
to access whether there is an authentication info or not.



Please tell me how to enable authentication, thanks in advance.

Kind regards,
Mercy







--
Gurkan Erdogdu
http://gurkanerdogdu.blogspot.com






---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org