https://issues.apache.org/bugzilla/show_bug.cgi?id=53139
--- Comment #1 from Mark Thomas <ma...@apache.org> --- I not convinced that there is a security problem to solve here. JMX access is equivalent to full admin access and admins would be able to read those values in server.xml anyway. -- You are receiving this mail because: You are the assignee for the bug.