You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Frans (JIRA)" <ji...@apache.org> on 2018/11/26 23:23:00 UTC
[jira] [Created] (TOMEE-2294) Can't disable unauthenticated JMX on
1099
Frans created TOMEE-2294:
----------------------------
Summary: Can't disable unauthenticated JMX on 1099
Key: TOMEE-2294
URL: https://issues.apache.org/jira/browse/TOMEE-2294
Project: TomEE
Issue Type: Bug
Components: TomEE Core Server
Reporter: Frans
Fix For: 8.0.0-Final
ActiveMQ comes bundled with a JMX host that is default on authenticated on port 1099.
{code:java}
<Resource id="JmsResourceAdapter" type="ActiveMQResourceAdapter">
BrokerXmlConfig = broker:(vm://broker)?useJmx=false
ServerUrl = vm://broker
</Resource>{code}
Tomee's resource configuration doesn't allow this to be disabled. The above doesn't work.
This can be disabled by inspecting an activemq jar's manifest, pulling down the same version of activemq-all, and putting that in the tomee/lib directory, at which point this works:
{code:java}
<Resource id="JmsResourceAdapter" type="ActiveMQResourceAdapter">
BrokerXmlConfig = xbean:file:activemq.xml
ServerUrl = vm://broker
</Resource>
{code}
{code:java}
<broker xmlns="http://activemq.apache.org/schema/core"
useJmx="false"
brokerName="broker"
useShutdownHook="false"
persistent="true"
start="true"
schedulerSupport="false"
enableStatistics="false"
offlineDurableSubscriberTimeout="259200000"
offlineDurableSubscriberTaskSchedule="3600000">
{code}
However, convincing the guy hosting the server to inspect JAR manifests, pull down specific jars, and maintain a second configuration file seems like a lot of effort to go to just to have the ability to disable unauthenticated access to every MBean in the VM
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)