[jira] [Commented] (AMQ-8391) Consolidate to a single JAAS for jmx, messaging and web layers

Wed, 03 May 2023 08:12:33 -0700 


    [ 
https://issues.apache.org/jira/browse/AMQ-8391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17718961#comment-17718961
 ] 

Matt Pavlovich commented on AMQ-8391:
-------------------------------------

JMX settings
{noformat}
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.port=11099 "
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.rmi.port=11099 "
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.hostname=127.0.0.1 "
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.login.config=activemq "
# ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_CONF}/jmx.password"
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_CONF}/jmx.access"
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START 
-Dcom.sun.management.jmxremote.ssl=false "
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote "
{noformat}

> Consolidate to a single JAAS for jmx, messaging and web layers
> --------------------------------------------------------------
>
>                 Key: AMQ-8391
>                 URL: https://issues.apache.org/jira/browse/AMQ-8391
>             Project: ActiveMQ
>          Issue Type: Task
>            Reporter: Matt Pavlovich
>            Assignee: Matt Pavlovich
>            Priority: Major
>             Fix For: 5.19.0
>
>
> Currently, the default Apache ActiveMQ distribution has 3 user and group 
> backends-- jmx, messaging and web.
> Update:
> 1. Migrate the jetty.xml to use the JAAS backend used for messaging
> 2. Add the jaasAuthentication to default activemq.xml (so it is explicitly 
> visible)
> 3. Update the web-console servlet to permite access via 'web-console-role'
> 4. Update the api servlet to allow access using 'rest-role'
> 5. Add admin to the 'web-console-role' and 'rest-role' by default
> 6. Migrate jmx to use the 'activemq' realm
> 7. Create default jmx-readwrite-role and jmx-readonly-role roles in the 
> conf/jmx.access file
> 8. Include the config breaking change in release notes



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to