JMX query to modify attribute value

[Cummins College <cu...@gmail.com>]

Hello,

I have tried this JMX query to modify the connector properties of
connector.
http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443&att=secure&val=false

When I again check the status of the connector with this query,
 http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443
the secure attribute is changes to false, but there is no change in the
sever.xml file for the same connector.

So, should I assume that atleast for runtime the secure attribute is false
and https is disabled?


Thank you

Re: JMX query to modify attribute value

[Pid <pi...@pidster.com>]

On 08/03/2010 10:04, Cummins College wrote:
> Hello,
>
> I have tried this JMX query to modify the connector properties of
> connector.
> http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443&att=secure&val=false
>
> When I again check the status of the connector with this query,
>   http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443
> the secure attribute is changes to false, but there is no change in the
> sever.xml file for the same connector.

Why would there be?  Dynamically changing Tomcat does not automatically 
cause the server.xml file to be updated?

> So, should I assume that atleast for runtime the secure attribute is false
> and https is disabled?

Umm, yes?  It depends on how YOU configured the server.xml in the first 
place.  You should assume that at least for runtime the attributes are 
what you configured them to be.


I'm wincing as I ask this, but why are you still trying to dynamically 
change this attribute?

The HTTPS connector also needs either a truststore or APR compatible SSL 
configuration setting AS WELL as setting other properties.  Simply 
setting 'secure="true"' on a connector does NOT automatically make it an 
HTTPS connector.

Note: the connector is not a per-user object, it is used by all users at 
the same time, so changing it for one user changes it for all users.

Worse, as we've previously stated, the HTTP connector is now likely to 
be broken, so not only do you not have a working HTTPS connector, you 
now don't have a working HTTP connector.


p



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: JMX query to modify attribute value

[Mark Thomas <ma...@apache.org>]

On 08/03/2010 10:04, Cummins College wrote:
> Hello,
> 
> I have tried this JMX query to modify the connector properties of
> connector.
> http://localhost:8080/manager/jmxproxy/?set=Catalina:type=Connector,port=8443&att=secure&val=false
> 
> When I again check the status of the connector with this query,
>  http://localhost:8080/manager/jmxproxy/?qry=*:type=Connector,port=8443
> the secure attribute is changes to false, but there is no change in the
> sever.xml file for the same connector.
> 
> So, should I assume that atleast for runtime the secure attribute is false
> and https is disabled?

Altering attributes via JMX will never update server.xml

The results of changing attributes whilst a component is running will
vary from having no effect, to causing a crash to having the result you
want. You'll have to check the code for each attribute to see which
applies. Cleaning up the write aspect of JMX access has been on the todo
list for a while but hasn't happened yet.

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org