John Embretsen wrote:
Daniel John Debrunner wrote:
JohnHEmbretsen wrote:
* Let's simplify things by saying that MBeans have essentially two
states: ''enabled'' or ''disabled''
* An '''enabled''' (registered) MBean is visible/accessible to
any valid JMX user.
=== SystemMBean ===
* May be enabled only if system-wide authentication
('''derby-authc''') is ''disabled'' in Derby (default),
Nice page. Just to point out that the use of "enabled" in SystemMBean
does not match the definition of "enabled" earlier in the page.
The SystemMBean section is really talking about if an attribute or
operation is visible or useable by a specific jmx-user, not if the
bean is enabled or not.
My intention was to talk about if the entire bean is enabled
(registered) or not. But perhaps my thinking is flawed. I guess I was
basing this description upon one possible way to implement this kind of
control, by not letting the bean be registered if the JMX user has not
been authenticated (we may for instance put logic in a preRegister()
method of the MBean).
Maybe I'm confused. I thought Derby's MBeans were registered by Derby's
code, not a jmx-user. Once a mbean was registered any jmx-user could see it?
Is there another step where the mbean gets registered in the view of the
jmx-user connecting to the system?
Dan.
