On Mon, Apr 2, 2012 at 11:38 AM, Thiago Souza <[email protected]> wrote: > Hi Dan, > > Here it is: > > - What karaf distribution did you use? > Latest 2.2.5
Minimum, standard, or enterprise? > > - What is your host and OS type? > Linux Ubuntu 10.11 64-bits how do you invoke karaf? > > - What did you change? > The change I made was in org.apache.karaf.management.cfg. I've changed > the serviceUrl from "localhost" to "0.0.0.0" what are your jmx port, adn your registry port? > > - Are you able to to connect to karaf locally via same URL?? > I don't know how to test JMX from a shell console, but I can telnet to > localhost 1099. > Can you run Xwindow to your ubuntu box and run Jconsole from there? > > On Mon, Apr 2, 2012 at 14:29, Dan Tran <[email protected]> wrote: >> >> Your URL is wrong jmx:rmi:///jndi/rmi://<host>:1099/karaf-root using >> service:jmx:rmi:///jndi/rmi://<host>:1099/karaf-root" >> >> you will need to give more details: >> >> - What karaf distribution did you use? >> >> - What is your host and OS type? >> >> - What did you change? >> >> - Are you able to to connect to karaf locally via same URL?? >> >> >> -Dan >> >> On Mon, Apr 2, 2012 at 10:16 AM, Thiago Souza <[email protected]> >> wrote: >> > Hello all, >> > >> > Well, I still can not connect to JMX. I tried everything. I can even >> > telnet to port 1099 from the client, but yet can't connect to JMX. I >> > always >> > get: "Cannot connect >> > to service:jmx:rmi:///jndi/rmi://<host>:1099/karaf-root >> > using service:jmx:rmi:///jndi/rmi://<host>:1099/karaf-root". >> > That's really bad, hope I can convince the production team to >> > support my >> > system without JMX, that won't be an easy task... >> > >> > Thank you all, >> > Thiago Souza >> > >> > >> > On Wed, Mar 28, 2012 at 18:45, Achim Nierbeck <[email protected]> >> > wrote: >> >> >> >> Hi Reuben, >> >> >> >> I'd say this is less part of wisdom then of comfort or personal taste >> >> ;) >> >> From my experience with deploying any type of server in a production >> >> environment I'm personally in favor of closing everything up and >> >> add extra documentation on how to enable wanted "security breaches" for >> >> development or operation where needed. >> >> >> >> But again this is my personal feeling for it, and if disabling SSH is a >> >> regression we surely don't want to do it for the 2.2.x line >> >> but should consider it for the 3.0 line. >> >> >> >> Regards, Achim >> >> >> >> >> >> >> >> Am 28.03.2012 22:37, schrieb Reuben Garrett: >> >> >> >>> with due respect for those more experienced than i am, i feel it's >> >>> best >> >>> to disable by default any remote access, along the lines of "security >> >>> is >> >>> mandatory" [1]. sure, the deployer of an instance is responsible for >> >>> tuning >> >>> security - but it's nice to help people avoid mistakes. if necessary, >> >>> it >> >>> could even be deferred to a major release if there's a real >> >>> backwards-compatibility issue. >> >>> >> >>> that being said, i am still a fledgling, and i defer to the >> >>> committers' >> >>> wisdom. >> >>> >> >>> ~ Reuben >> >>> >> >>> [1]: http://www.apache.org/foundation/how-it-works.html#management >> >>> (below "Philosophy") >> >>> >> >> >> >> >> >> -- >> >> - Apache Karaf<http://karaf.apache.org/> Committer& PMC >> >> - OPS4J Pax Web<http://wiki.ops4j.org/display/paxweb/Pax+Web/> >> >> Committer& Project Lead >> >> - Blog<http://notizblog.nierbeck.de/> >> >> >> > > >
