You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2021/03/02 10:11:00 UTC

[jira] [Commented] (KARAF-6955) JMX: With rmiRegistryHost = 127.0.0.1, Karaf should listen only on 127.0.0.1

    [ https://issues.apache.org/jira/browse/KARAF-6955?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17293586#comment-17293586 ] 

Colm O hEigeartaigh commented on KARAF-6955:
--------------------------------------------

[~jbonofre] Can we get this fix merged?

> JMX: With rmiRegistryHost = 127.0.0.1, Karaf should listen only on 127.0.0.1
> ----------------------------------------------------------------------------
>
>                 Key: KARAF-6955
>                 URL: https://issues.apache.org/jira/browse/KARAF-6955
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.2.9
>            Reporter: Martin Lichtin
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> JMX - with rmiRegistryHost = 127.0.0.1 Karaf should listen only on 127.0.0.1
> However, Karaf listens on 0.0.0.0 which opens up access to the network.
> {noformat}
> > config:list  "(service.pid=org.apache.karaf.management)"
> ----------------------------------------------------------------
> Pid:            org.apache.karaf.management
> BundleLocation: ?
> Properties:
>    daemon = true
>    felix.fileinstall.filename = file:mykaraf/etc/org.apache.karaf.management.cfg
>    jmxRealm = karaf
>    jmxmpEnabled = false
>    jmxmpHost = 127.0.0.1
>    jmxmpObjectName = connector:name=jmxmp
>    jmxmpPort = 9999
>    jmxmpServiceUrl = service:jmx:jmxmp://127.0.0.1:9999
>    objectName = connector:name=rmi
>    rmiRegistryHost = 127.0.0.1
>    rmiRegistryPort = 25031
>    rmiServerHost = 127.0.0.1
>    rmiServerPort = 25041
>    service.pid = org.apache.karaf.management
>    serviceUrl = service:jmx:rmi://127.0.0.1:25041/jndi/rmi://127.0.0.1:25031/karaf-mykaraf
>    threaded = true
> {noformat}
> Using netstat one can see the listen address is not 127.0.0.1:
> {noformat}
> $ netstat -n -l -t|grep 25031
> tcp      0      0 0.0.0.0:25031             0.0.0.0:*              LISTEN
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)