You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by Kathey Marsden <km...@sbcglobal.net> on 2008/04/21 19:52:13 UTC
trouble getting user/password access to work with JMX
On Windows I am working my way through
http://wiki.apache.org/db-derby/DerbyJMXQuickStart
I am on the example
Example: Enabling Remote JMX, password authentication, no SSL
I found that to get the server to get the start command to work cleanly
I needed to change the permissions on
jmxremote.password with
cacls jmxremote.password /P <username>:R
I then try to connect in jconsole with
localhost:9999
user: monitorRole
password: derbym
But I get a failed to connect message with no other information. Any
idea what I might be doing wrong.
I can connect to the process id with no user/password.
Thanks
Kathey
Re: trouble getting user/password access to work with JMX
Posted by "John H. Embretsen" <Jo...@Sun.COM>.
Kathey Marsden wrote:
> Kathey Marsden wrote:
>> On Windows I am working my way through
>> http://wiki.apache.org/db-derby/DerbyJMXQuickStart
>>
>> I am on the example
>>
>>
>> Example: Enabling Remote JMX, password authentication, no SSL
>>
>> I found that to get the server to get the start command to work
>> cleanly I needed to change the permissions on
>> jmxremote.password with
>> cacls jmxremote.password /P <username>:R
Right, the password file feature relies on file system access control.
The password file must be readable by the owner only. This means that
this security feature will not be available on FAT32 systems, and on
NTFS some special configuration is most likely required
(http://java.sun.com/javase/6/docs/technotes/guides/management/security-windows.html).
This should of course have been made clear on the wiki - I will update
the page soon.
>> I then try to connect in jconsole with
>> localhost:9999
>> user: monitorRole
>> password: derbym
>>
>> But I get a failed to connect message with no other information. Any
>> idea what I might be doing wrong.
>>
> Seems to work ok if I run without security manager. Maybe I needed to
> read further about security manager changes for jmx.
Since you are authenticating using credentials, you will need to grant
permissions to the JMXPrincipal representing you. JConsole requires some
additional permissions (some that are not related to Derby), and a
hopefully working example set of permissions is included on the wiki.
--
John
Re: trouble getting user/password access to work with JMX
Posted by Kathey Marsden <km...@sbcglobal.net>.
Kathey Marsden wrote:
> On Windows I am working my way through
> http://wiki.apache.org/db-derby/DerbyJMXQuickStart
>
> I am on the example
>
>
> Example: Enabling Remote JMX, password authentication, no SSL
>
> I found that to get the server to get the start command to work
> cleanly I needed to change the permissions on
> jmxremote.password with
> cacls jmxremote.password /P <username>:R
>
> I then try to connect in jconsole with
> localhost:9999
> user: monitorRole
> password: derbym
>
> But I get a failed to connect message with no other information. Any
> idea what I might be doing wrong.
>
Seems to work ok if I run without security manager. Maybe I needed to
read further about security manager changes for jmx.
Kathey