@Justin Bertram <[email protected]> Yes I have seen that, Jolokia has an auditfacility. We remove these jars when deployed in an Artemis build, how are you deploying?
just fyi this hasnt changed Andy On Tue, 26 Aug 2025 at 21:43, Justin Bertram <[email protected]> wrote: > When I deploy the console WAR file to an instance of ActiveMQ Artemis > 2.42.0 I see a lot of exceptions like this in the log when I log in to the > web console with my browser: > > WARN [org.eclipse.jetty.ee9.nested.ContextHandler._console] > jolokia-agent: Cannot call request logger > org.jolokia.service.history.HistoryMBeanRequestInterceptor@7800cf67: > java.lang.SecurityException: User not authorized to access operation: > updateAndAdd > java.lang.SecurityException: User not authorized to access operation: > updateAndAdd > at > > org.apache.activemq.artemis.core.server.management.ArtemisMBeanServerGuard.handleInvoke(ArtemisMBeanServerGuard.java:168) > at > > org.apache.activemq.artemis.core.server.management.ArtemisMBeanServerGuard.invoke(ArtemisMBeanServerGuard.java:69) > at > > org.apache.activemq.artemis.core.server.management.ArtemisMBeanServerBuilder$MBeanInvocationHandler.invoke(ArtemisMBeanServerBuilder.java:76) > at jdk.proxy2/jdk.proxy2.$Proxy33.invoke(Unknown Source) > at > > org.jolokia.service.history.HistoryMBeanRequestInterceptor$1.run(HistoryMBeanRequestInterceptor.java:72) > at > > java.base/java.security.AccessController.doPrivileged(AccessController.java:712) > at java.base/javax.security.auth.Subject.doAs(Subject.java:439) > at > > org.jolokia.service.history.HistoryMBeanRequestInterceptor.intercept(HistoryMBeanRequestInterceptor.java:68) > at > > org.jolokia.server.core.backend.BackendManager.intercept(BackendManager.java:131) > at > > org.jolokia.server.core.backend.BackendManager.handleRequest(BackendManager.java:116) > at > > org.jolokia.server.core.http.HttpRequestHandler.executeRequest(HttpRequestHandler.java:205) > at > > org.jolokia.server.core.http.HttpRequestHandler.handlePostRequest(HttpRequestHandler.java:139) > at > > org.jolokia.server.core.http.AgentServlet$1.handleRequest(AgentServlet.java:496) > at > > org.jolokia.server.core.http.AgentServlet.handleSecurely(AgentServlet.java:378) > at > org.jolokia.server.core.http.AgentServlet.handle(AgentServlet.java:316) > at > org.jolokia.server.core.http.AgentServlet.doPost(AgentServlet.java:275) > at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:520) > at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587) > ... > > Have you seen this before? > > Is there perhaps a new Jolokia operation (i.e. updateAndAdd) that's not > accounted for in the default management.xml? > > > Justin > > On Tue, Aug 26, 2025 at 9:23 AM Clebert Suconic <[email protected] > > > wrote: > > > +1 Binding > > > > On Tue, Aug 26, 2025 at 5:58 AM Andy Taylor <[email protected]> > > wrote: > > > > > > I would like to propose an ActiveMQ Artemis Console 1.3.0 release. The > > main > > > focus of this release is a HawtIO Upgrade, some repackaging of the NPM > > > components and fixes. > > > > > > The Binary artifacts can be found at > > > > > > https://dist.apache.org/repos/dist/dev/activemq/activemq-artemis-console/1.3.0 > > > > > > The Maven staging repository is here: > > > > > > https://repository.apache.org/content/repositories/orgapacheactivemq-1435 > > > > > > If you would like to validate the release you can either: > > > > > > 1. Check out the source, build and follow the readme instructions > > > (README.md) to deploy and smoke test the console. > > > 2. Download the binary distribution and deploy in a web container. > > > 3. Replace the console war in the latest ActiveMQ Artemis release or a > > > build from source. > > > > > > [ ] +1 approve this release [ ] +0 no opinion [ ] -1 disapprove (and > > reason > > > why) > > > > > > Here's my +1 > > > > > > Andy Taylor > > > > > > > > -- > > Clebert Suconic > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > For further information, visit: https://activemq.apache.org/contact > > > > > > >
