[jira] [Commented] (AMQ-8391) Consolidate to a single JAAS for jmx, messaging and web layers
[ https://issues.apache.org/jira/browse/AMQ-8391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17496874#comment-17496874 ] Matt Pavlovich commented on AMQ-8391: - Getting close on this.. the java default jmx settings are kicking back > Consolidate to a single JAAS for jmx, messaging and web layers > -- > > Key: AMQ-8391 > URL: https://issues.apache.org/jira/browse/AMQ-8391 > Project: ActiveMQ > Issue Type: Task >Reporter: Matt Pavlovich >Assignee: Matt Pavlovich >Priority: Major > Fix For: 5.17.0 > > > Currently, the default Apache ActiveMQ distribution has 3 user and group > backends-- jmx, messaging and web. > Update: > 1. Migrate the jetty.xml to use the JAAS backend used for messaging > 2. Add the jaasAuthentication to default activemq.xml (so it is explicitly > visible) > 3. Update the web-console servlet to permite access via 'web-console-role' > 4. Update the api servlet to allow access using 'rest-role' > 5. Add admin to the 'web-console-role' and 'rest-role' by default > 6. Migrate jmx to use the 'activemq' realm > 7. Create default jmx-readwrite-role and jmx-readonly-role roles in the > conf/jmx.access file > 8. Include the config breaking change in release notes -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (AMQ-8391) Consolidate to a single JAAS for jmx, messaging and web layers
[ https://issues.apache.org/jira/browse/AMQ-8391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17718961#comment-17718961 ] Matt Pavlovich commented on AMQ-8391: - JMX settings {noformat} ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.port=11099 " ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.rmi.port=11099 " ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.hostname=127.0.0.1 " ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.login.config=activemq " # ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_CONF}/jmx.password" ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_CONF}/jmx.access" ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.ssl=false " ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote " {noformat} > Consolidate to a single JAAS for jmx, messaging and web layers > -- > > Key: AMQ-8391 > URL: https://issues.apache.org/jira/browse/AMQ-8391 > Project: ActiveMQ > Issue Type: Task >Reporter: Matt Pavlovich >Assignee: Matt Pavlovich >Priority: Major > Fix For: 5.19.0 > > > Currently, the default Apache ActiveMQ distribution has 3 user and group > backends-- jmx, messaging and web. > Update: > 1. Migrate the jetty.xml to use the JAAS backend used for messaging > 2. Add the jaasAuthentication to default activemq.xml (so it is explicitly > visible) > 3. Update the web-console servlet to permite access via 'web-console-role' > 4. Update the api servlet to allow access using 'rest-role' > 5. Add admin to the 'web-console-role' and 'rest-role' by default > 6. Migrate jmx to use the 'activemq' realm > 7. Create default jmx-readwrite-role and jmx-readonly-role roles in the > conf/jmx.access file > 8. Include the config breaking change in release notes -- This message was sent by Atlassian Jira (v8.20.10#820010)