Hi,
actually I think an internal access should always be possible, you're in
the same container, right.
About the strange behavior of not beeing able to access local jmx beans,
that's what I regard an issue :-)
regards, Achim
2015-03-22 15:13 GMT+01:00 Martin Lichtin <lich...@yahoo.com>:
> Maybe I'm missing something, but a simple Pax run shows that MBeans are
> accessible:
> E.g:
>
> @RunWith(PaxExam.class)
> @ExamReactorStrategy(PerClass.class)
> public class JmxAccessPaxTest {
> public static final String GROUP_ID = "org.apache.karaf";
> public static final String ARTIFACT_ID = "apache-karaf";
>
> @Configuration
> public Option[] config() {
> return new Option[] {
>
> karafDistributionConfiguration().frameworkUrl(maven().groupId(GROUP_ID).artifactId(ARTIFACT_ID).type("zip").versionAsInProject())
> .karafVersion(MavenUtils.getArtifactVersion(GROUP_ID,
> ARTIFACT_ID)).unpackDirectory(new
> File("target/paxexam/")).useDeployFolder(false),
> configureConsole().ignoreLocalConsole().startRemoteShell() };
> }
>
> @Test
> public void test_jmxAccess() throws Exception {
> MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
> ObjectName queryObjectName = new
> ObjectName("org.apache.karaf:type=*,name=*");
> Set<ObjectName> mySet = mbs.queryNames(queryObjectName, null);
> for (ObjectName on : mySet) {
> System.out.println(on.getCanonicalName());
> }
> ObjectName karafLog = new
> ObjectName("org.apache.karaf:type=log,name=root");
> System.out.println(karafLog.getCanonicalName() + " Level=" +
> mbs.getAttribute(karafLog, "Level"));
> }
>
> }
>
> I'll open a JIRA if this should not be possible.
>
>
> On 10.03.2015 14:38, Achim Nierbeck wrote:
>
> Hi,
>
> I think I've seen this behavior too. AFAIC this is a bug.
> Do you happen to have a scenario where it's really reproducible?
> Could you open a issue for it?
>
> Thanks, Achim
>
>
> 2015-03-10 14:23 GMT+01:00 Martin Lichtin <lich...@yahoo.com>:
>
>> I understand that access to MBeans is protected via RBAC mechanism:
>>
>> http://karaf.apache.org/manual/latest/users-guide/monitoring.html
>>
>> However, is this also the case for code running inside Karaf?
>> E.g. when doing
>>
>>
>>
>> MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
>>
>> it seems I can access all MBeans without requiring a username/password.
>>
>> However, this is not reliable.
>> Depending on startup timing (or something else), _sometimes_
>> I receive "Insufficient roles/credentials for operation" for a query,
>> indicating that KarafMBeanServerGuard is intervening.
>>
>
>
>
> --
>
> Apache Member
> Apache Karaf <http://karaf.apache.org/> Committer & PMC
> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer &
> Project Lead
> blog <http://notizblog.nierbeck.de/>
> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
>
> Software Architect / Project Manager / Scrum Master
>
>
>
--
Apache Member
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer &
Project Lead
blog <http://notizblog.nierbeck.de/>
Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
Software Architect / Project Manager / Scrum Master
