Re: providing jmx access in read-only mode
Hi Cedric, that looks interesting, I've never seen it before. We install an authenticator, but that doesn't immediately appear to relate closely with the role/permissions stuff. I don't see any mention of this in the javax.management javaodcs although there are some permissions. I'd be interested to know what happens if you try to set this up. My first guess is that you might need the login module used by the authenticator to add a JMXPermission to the subject with name equal to one of the roles mapped to readonly. thanks! david jencks On Apr 17, 2011, at 3:36 PM, Cedric Hurst wrote: > There appears to be support for access permissions in the JMX Agent provided > by the JDK. > > http://download.oracle.com/javase/1.5.0/docs/guide/management/agent.html#PasswordAccessFiles > > Just wondering how something like that would hook into Geronimo. > > -- > View this message in context: > http://apache-geronimo.328035.n3.nabble.com/providing-jmx-access-in-read-only-mode-tp2830964p2832418.html > Sent from the Users mailing list archive at Nabble.com.
Re: providing jmx access in read-only mode
There appears to be support for access permissions in the JMX Agent provided by the JDK. http://download.oracle.com/javase/1.5.0/docs/guide/management/agent.html#PasswordAccessFiles Just wondering how something like that would hook into Geronimo. -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/providing-jmx-access-in-read-only-mode-tp2830964p2832418.html Sent from the Users mailing list archive at Nabble.com.
Re: providing jmx access in read-only mode
There's no code in geronimo to support this. Is there any support for this kind of authorization in jmx itself? thanks david jencks On Apr 17, 2011, at 7:48 AM, Cedric Hurst wrote: > I'm looking to use the Geronimo JMX Remoting Connector to listen for certain > MBean values, but I want to ensure that a listener does not have the ability > to change these values. I've poked around the jmxremoting source, but > couldn't find any reference to read or write privileges. Is this possible > in Geronimo? > > -- > View this message in context: > http://apache-geronimo.328035.n3.nabble.com/providing-jmx-access-in-read-only-mode-tp2830964p2830964.html > Sent from the Users mailing list archive at Nabble.com.