You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by jb...@apache.org on 2020/03/03 14:29:24 UTC
[activemq-website] branch master updated: Updating Jolokia config
with CORS Setting
This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/activemq-website.git
The following commit(s) were added to refs/heads/master by this push:
new 33c2eda Updating Jolokia config with CORS Setting
new 45f7992 Merge pull request #27 from coheigea/jolokia_cors
33c2eda is described below
commit 33c2edad13bc3fffeaaaa4a71c1ea2cebf708abf
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Mar 3 14:27:34 2020 +0000
Updating Jolokia config with CORS Setting
---
content/rest.html | 9 +++++++--
src/rest.md | 9 +++++++--
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/content/rest.html b/content/rest.html
index e162609..94c9413 100644
--- a/content/rest.html
+++ b/content/rest.html
@@ -265,14 +265,19 @@ curl -XGET http://admin:admin@localhost:8161/api/message?destination=topic://ord
<h2 id="rest-management">Rest Management</h2>
<p>Starting with version 5.8 we provide a REST management API for the broker. Using <a href="http://www.jolokia.org/">Jolokia</a> JMX-HTTP bridge it’s possible to access all broker metrics (like memory usage) and execute management operations (like purging queues) using REST API. By default the management API is exposed at <a href="http://localhost:8161/api/jolokia/">http://localhost:8161/api/jolokia/</a> URL. So you can for example get basic broker data with</p>
-<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget --user admin --password admin --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost
+<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget --user admin --password admin --header "Origin: http://localhost" --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost
</code></pre></div></div>
<p>or to be more specific, total consumer count with</p>
-<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget --user admin --password admin --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost/TotalConsumerCount
+<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget --user admin --password admin --header "Origin: http://localhost" --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost/TotalConsumerCount
</code></pre></div></div>
<p>By default, ActiveMQ uses the <a href="https://github.com/apache/activemq/blob/master/assembly/src/release/webapps/api/WEB-INF/classes/jolokia-access.xml">following</a> Jolokia security policy:</p>
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code><restrict>
+ <!-- Enforce that an Origin/Referer header is present to prevent CSRF -->
+ <cors>
+ <strict-checking/>
+ </cors>
+
<!-- deny calling operations or getting attributes from these mbeans -->
<deny>
<mbean>
diff --git a/src/rest.md b/src/rest.md
index bca50b6..30b3964 100644
--- a/src/rest.md
+++ b/src/rest.md
@@ -199,16 +199,21 @@ Rest Management
Starting with version 5.8 we provide a REST management API for the broker. Using [Jolokia](http://www.jolokia.org/) JMX-HTTP bridge it's possible to access all broker metrics (like memory usage) and execute management operations (like purging queues) using REST API. By default the management API is exposed at [http://localhost:8161/api/jolokia/](http://localhost:8161/api/jolokia/) URL. So you can for example get basic broker data with
```
-wget --user admin --password admin --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost
+wget --user admin --password admin --header "Origin: http://localhost" --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost
```
or to be more specific, total consumer count with
```
-wget --user admin --password admin --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost/TotalConsumerCount
+wget --user admin --password admin --header "Origin: http://localhost" --auth-no-challenge http://localhost:8161/api/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost/TotalConsumerCount
```
By default, ActiveMQ uses the [following](https://github.com/apache/activemq/blob/master/assembly/src/release/webapps/api/WEB-INF/classes/jolokia-access.xml) Jolokia security policy:
```
<restrict>
+ <!-- Enforce that an Origin/Referer header is present to prevent CSRF -->
+ <cors>
+ <strict-checking/>
+ </cors>
+
<!-- deny calling operations or getting attributes from these mbeans -->
<deny>
<mbean>