Hello, Igniters! I recently got my eye on the fact that we have JMX enabled by default and it's configured in a very insecure way. Our default JMX parameters are authenticate=false and ssl=false.
I propose removing default configuration of JMX altogether, as user must *consciously* and carefully configure such dangerous things. I created an issue (https://issues.apache.org/jira/browse/IGNITE-13478) and pull request for those changes (https://github.com/apache/ignite/pull/8304). Cheers, Sam.