[ https://issues.apache.org/jira/browse/QPID-1568?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Gemmell updated QPID-1568: --------------------------------- Attachment: QPID-1568_11jan2009.patch Investigating fine level logging output from JConsole showed that the initial connection attempt was actually successful, but the tools would then immediately disconnect without indication of a reason. Using VisualVM provided more error detail, and showed the problem to be a result of SecurityExceptions being raised in the custom MBeanInvocationHandlerImpl class, where it was found that the new use of authentication and access control on the RMI connection exposed a flaw in a method used to determine if invoked methods are read-only methods. The isRegistered() and isInstanceOf() methods of MBeanServer are not covered by the existing categorization tests and so their use by the consoles was not being flagged as a read-only, violating the rights of the guest account being used. This hasnt previously been exposed because the Qpid JMX managemetn Console does not use these methods, the RMI connnection has thus far been unauthenticated and did not use the custom invoker, and the JMXMP connection would require making JConsole/VisualVM support the SASL process used by the broker. The attached QPID-1568_11jan2009.patch solves this by flagging these methods as read-only. Additionally, a field name was changed to adhere to the qpid coding style. > JConsole/VisualVM unable to connect to broker when JMX RMI authentication and > access control is used > ---------------------------------------------------------------------------------------------------- > > Key: QPID-1568 > URL: https://issues.apache.org/jira/browse/QPID-1568 > Project: Qpid > Issue Type: Bug > Components: Java Broker > Reporter: Robert Gemmell > Attachments: QPID-1568_11jan2009.patch > > > When authentication and access control is added to the RMI based JMX > connector server used by the Java broker, management tools such as JConsole > and VisualVM are unable to remotely connect to the console. Logging output > from JConsole indicated that a connection is successfully established and > then immediatley closed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.