[
https://issues.apache.org/jira/browse/QPID-1511?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Gemmell updated QPID-1511:
---------------------------------
Attachment: QPID-1511_wip_8dec2008.patch
I attach QPID-1511_wip_8dec2008.patch, which as being discussed on qpid-dev is
a work in progress on authenticating the RMIConnector used by the broker+mc for
JMX. It adds a (currently inner-class, but should probably not be, wip :P)
JMXAuthenticator implementation to allow authentication of the RMIConnector
created, and modifies the way it is created to ensure it is then proxied by the
MBeanServerForwarder implementation used with the JMXMP connector ,and thus
applies the jmx access rights system to RMI based connections. The console is
updated accordingly to send the user credentials when creation its connection.
It doesnt yet do SSL but that can be added.
> JMX Interface does not require authentication
> ---------------------------------------------
>
> Key: QPID-1511
> URL: https://issues.apache.org/jira/browse/QPID-1511
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker, Java Management : JMX Console
> Affects Versions: M1, M2, M2.1, M3, M4
> Reporter: Martin Ritchie
> Attachments: QPID-1511_wip_8dec2008.patch
>
>
> Summary:
> JMX Interface uses the default RMI connector which has no authentication
> mechanism. We should not be shipping a JMX interface that doesn't have
> authentication. The interface has been disabled by default for M4 but this
> should be modified based on the outcome of the discussion on qpid-dev to
> authenticate all connections.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
