You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Paul, Subhro" <Su...@pseg.com> on 2015/04/07 16:45:15 UTC
Issue with JMX in tomcat
Dear Team,
Below is the property I was using to enable JMX in tomcat.conf file without authentication :
CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
This was working fine through jConsole or VisualVM remotely.
To move the change in production server we decided to enable user authentication. So, on the same box we did a trial and changed the property value as below:
CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=10.184.222.84 -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
Content in jmxremote.access :
monitorRole readonly
controlRole readwrite
Content in jmxremote.password :
monitorRole webserve
controlRole webserve
Tomcat is running under "webserve" user. Now every time we connect to the JMX on the server getting message "Authentication Failed! Invalid username or password"
We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know what I need to change here?
Thanks & Regards,
Subhro Paul
-----------------------------------------
The information contained in this e-mail, including any attachment(s), is intended solely for use by the named addressee(s). If you are not the intended recipient, or a person designated as responsible for delivering such messages to the intended recipient, you are not authorized to disclose, copy, distribute or retain this message, in whole or in part, without written authorization from PSEG. This e-mail may contain proprietary, confidential or privileged information. If you have received this message in error, please notify the sender immediately. This notice is included in all e-mail messages leaving PSEG. Thank you for your cooperation.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Issue with JMX in tomcat
Posted by "Paul, Subhro" <Su...@pseg.com>.
-----Original Message-----
From: André Warnier [mailto:aw@ice-sa.com]
Sent: Tuesday, April 07, 2015 11:02 AM
To: Tomcat Users List
Subject: Re: Issue with JMX in tomcat
Email sent from outside of PSEG. Use caution before using links/attachments.
Paul, Subhro wrote:
> Dear Team,
>
> Below is the property I was using to enable JMX in tomcat.conf file without authentication :
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
>
> This was working fine through jConsole or VisualVM remotely.
>
> To move the change in production server we decided to enable user authentication. So, on the same box we did a trial and changed the property value as below:
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=10.184.222.84 -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
>
> Content in jmxremote.access :
> monitorRole readonly
> controlRole readwrite
>
>
> Content in jmxremote.password :
> monitorRole webserve
> controlRole webserve
>
>
> Tomcat is running under "webserve" user. Now every time we connect to the JMX on the server getting message "Authentication Failed! Invalid username or password"
>
> We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know what I need to change here?
>
>
Hi. Just a shot in the dark, and I have not rechecked the Java JVM documentation for this
right now.
Are the files "jmxremote.password" and "jmxremote.access"
- owned by the user which runs tomcat
- readable by, and *only* by the user which runs tomcat
?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Dear Andre,
Yes. It's readonly to webserve user and owner of the password file is also webserve user.
Thanks & Regards,
Subhro Paul
-----------------------------------------
The information contained in this e-mail, including any attachment(s), is intended solely for use by the named addressee(s). If you are not the intended recipient, or a person designated as responsible for delivering such messages to the intended recipient, you are not authorized to disclose, copy, distribute or retain this message, in whole or in part, without written authorization from PSEG. This e-mail may contain proprietary, confidential or privileged information. If you have received this message in error, please notify the sender immediately. This notice is included in all e-mail messages leaving PSEG. Thank you for your cooperation.
Re: Issue with JMX in tomcat
Posted by André Warnier <aw...@ice-sa.com>.
Paul, Subhro wrote:
> Dear Team,
>
> Below is the property I was using to enable JMX in tomcat.conf file without authentication :
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
>
> This was working fine through jConsole or VisualVM remotely.
>
> To move the change in production server we decided to enable user authentication. So, on the same box we did a trial and changed the property value as below:
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=10.184.222.84 -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
>
> Content in jmxremote.access :
> monitorRole readonly
> controlRole readwrite
>
>
> Content in jmxremote.password :
> monitorRole webserve
> controlRole webserve
>
>
> Tomcat is running under "webserve" user. Now every time we connect to the JMX on the server getting message "Authentication Failed! Invalid username or password"
>
> We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know what I need to change here?
>
>
Hi. Just a shot in the dark, and I have not rechecked the Java JVM documentation for this
right now.
Are the files "jmxremote.password" and "jmxremote.access"
- owned by the user which runs tomcat
- readable by, and *only* by the user which runs tomcat
?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Issue with JMX in tomcat
Posted by André Warnier <aw...@ice-sa.com>.
Paul, Subhro wrote:
>
> -----Original Message-----
> From: Neill Lima [mailto:neill.lima@visual-meta.com]
> Sent: Tuesday, April 07, 2015 11:25 AM
> To: Tomcat Users List
> Subject: Re: Issue with JMX in tomcat
>
> Email sent from outside of PSEG. Use caution before using links/attachments.
>
>
> Tried chmodding 600 in both .access and .password files?
>
> On Tue, Apr 7, 2015 at 5:19 PM, Paul, Subhro <Su...@pseg.com> wrote:
>
>>
>> -----Original Message-----
>> From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
>> Sent: Tuesday, April 07, 2015 11:02 AM
>> To: Tomcat Users List
>> Subject: Re: Issue with JMX in tomcat
>>
>> Email sent from outside of PSEG. Use caution before using
>> links/attachments.
>>
>>
>> I think the following OPTS is missing.
>>
>> -Dcom.sun.management.jmxremote=true
>>
>> On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com>
>> wrote:
>>
>>> Dear Team,
>>>
>>> Below is the property I was using to enable JMX in tomcat.conf file
>>> without authentication :
>>>
>>> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
>>> -Dcom.sun.management.jmxremote.ssl=false
>>> -Dcom.sun.management.jmxremote.authenticate=false
>>> -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
>>>
>>> This was working fine through jConsole or VisualVM remotely.
>>>
>>> To move the change in production server we decided to enable user
>>> authentication. So, on the same box we did a trial and changed the
>> property
>>> value as below:
>>>
>>> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
>>> -Dcom.sun.management.jmxremote.ssl=false
>>> -Dcom.sun.management.jmxremote.authenticate=true
>>> -Djava.rmi.server.hostname=10.184.222.84
>>>
>> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
>> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
>>> Content in jmxremote.access :
>>> monitorRole readonly
>>> controlRole readwrite
>>>
>>>
>>> Content in jmxremote.password :
>>> monitorRole webserve
>>> controlRole webserve
>>>
>>>
>>> Tomcat is running under "webserve" user. Now every time we connect to the
>>> JMX on the server getting message "Authentication Failed! Invalid
>> username
>>> or password"
>>>
>>> We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
>> know
>>> what I need to change here?
>>>
>>> Thanks & Regards,
>>> Subhro Paul
>>>
>>>
>>>
>>> -----------------------------------------
>>>
>>> The information contained in this e-mail, including any attachment(s), is
>>> intended solely for use by the named addressee(s). If you are not the
>>> intended recipient, or a person designated as responsible for delivering
>>> such messages to the intended recipient, you are not authorized to
>>> disclose, copy, distribute or retain this message, in whole or in part,
>>> without written authorization from PSEG. This e-mail may contain
>>> proprietary, confidential or privileged information. If you have received
>>> this message in error, please notify the sender immediately. This notice
>> is
>>> included in all e-mail messages leaving PSEG. Thank you for your
>>> cooperation.
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>
>> --
>> *Thanks*
>> *Niranjan*
>> *+1 781.956.6900*
>>
>>
>>
>> Dear Niranjan,
>>
>> I applied your suggestion and restarted the server. But I am still getting
>> same message.
>>
>> Thanks & Regards,
>> Subhro Paul
>>
>>
>> -----------------------------------------
>>
>> The information contained in this e-mail, including any attachment(s), is
>> intended solely for use by the named addressee(s). If you are not the
>> intended recipient, or a person designated as responsible for delivering
>> such messages to the intended recipient, you are not authorized to
>> disclose, copy, distribute or retain this message, in whole or in part,
>> without written authorization from PSEG. This e-mail may contain
>> proprietary, confidential or privileged information. If you have received
>> this message in error, please notify the sender immediately. This notice is
>> included in all e-mail messages leaving PSEG. Thank you for your
>> cooperation.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> Dear Niell,
>
> Yes I have tried that option too. No luck till now.
>
> Thanks & Regards,
> Subhro Paul
>
Since you indicate that you are using Java 1.6 (but not which one), you may want to have a
careful look here :
http://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html
(only if you are using the sun/oracle java 1.6 though).
From a brief look, it seems that you are missing the option "-Dcom.sun.management.jmxremote".
(which Niell already pointed out)
And have a careful look at the section "To Set up a Single-User Environment", to make sure
that you put the files *in the right place* and with the correct permissions.
(at least the location which you indicate does not seem to match that documentation).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Issue with JMX in tomcat
Posted by "Paul, Subhro" <Su...@pseg.com>.
-----Original Message-----
From: Neill Lima [mailto:neill.lima@visual-meta.com]
Sent: Tuesday, April 07, 2015 11:25 AM
To: Tomcat Users List
Subject: Re: Issue with JMX in tomcat
Email sent from outside of PSEG. Use caution before using links/attachments.
Tried chmodding 600 in both .access and .password files?
On Tue, Apr 7, 2015 at 5:19 PM, Paul, Subhro <Su...@pseg.com> wrote:
>
>
> -----Original Message-----
> From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
> Sent: Tuesday, April 07, 2015 11:02 AM
> To: Tomcat Users List
> Subject: Re: Issue with JMX in tomcat
>
> Email sent from outside of PSEG. Use caution before using
> links/attachments.
>
>
> I think the following OPTS is missing.
>
> -Dcom.sun.management.jmxremote=true
>
> On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com>
> wrote:
>
> > Dear Team,
> >
> > Below is the property I was using to enable JMX in tomcat.conf file
> > without authentication :
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=false
> > -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
> >
> > This was working fine through jConsole or VisualVM remotely.
> >
> > To move the change in production server we decided to enable user
> > authentication. So, on the same box we did a trial and changed the
> property
> > value as below:
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=true
> > -Djava.rmi.server.hostname=10.184.222.84
> >
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> >
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
> >
> > Content in jmxremote.access :
> > monitorRole readonly
> > controlRole readwrite
> >
> >
> > Content in jmxremote.password :
> > monitorRole webserve
> > controlRole webserve
> >
> >
> > Tomcat is running under "webserve" user. Now every time we connect to the
> > JMX on the server getting message "Authentication Failed! Invalid
> username
> > or password"
> >
> > We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
> know
> > what I need to change here?
> >
> > Thanks & Regards,
> > Subhro Paul
> >
> >
> >
> > -----------------------------------------
> >
> > The information contained in this e-mail, including any attachment(s), is
> > intended solely for use by the named addressee(s). If you are not the
> > intended recipient, or a person designated as responsible for delivering
> > such messages to the intended recipient, you are not authorized to
> > disclose, copy, distribute or retain this message, in whole or in part,
> > without written authorization from PSEG. This e-mail may contain
> > proprietary, confidential or privileged information. If you have received
> > this message in error, please notify the sender immediately. This notice
> is
> > included in all e-mail messages leaving PSEG. Thank you for your
> > cooperation.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900*
>
>
>
> Dear Niranjan,
>
> I applied your suggestion and restarted the server. But I am still getting
> same message.
>
> Thanks & Regards,
> Subhro Paul
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Dear Niell,
Yes I have tried that option too. No luck till now.
Thanks & Regards,
Subhro Paul
-----------------------------------------
The information contained in this e-mail, including any attachment(s), is intended solely for use by the named addressee(s). If you are not the intended recipient, or a person designated as responsible for delivering such messages to the intended recipient, you are not authorized to disclose, copy, distribute or retain this message, in whole or in part, without written authorization from PSEG. This e-mail may contain proprietary, confidential or privileged information. If you have received this message in error, please notify the sender immediately. This notice is included in all e-mail messages leaving PSEG. Thank you for your cooperation.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Issue with JMX in tomcat
Posted by Neill Lima <ne...@visual-meta.com>.
Tried chmodding 600 in both .access and .password files?
On Tue, Apr 7, 2015 at 5:19 PM, Paul, Subhro <Su...@pseg.com> wrote:
>
>
> -----Original Message-----
> From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
> Sent: Tuesday, April 07, 2015 11:02 AM
> To: Tomcat Users List
> Subject: Re: Issue with JMX in tomcat
>
> Email sent from outside of PSEG. Use caution before using
> links/attachments.
>
>
> I think the following OPTS is missing.
>
> -Dcom.sun.management.jmxremote=true
>
> On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com>
> wrote:
>
> > Dear Team,
> >
> > Below is the property I was using to enable JMX in tomcat.conf file
> > without authentication :
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=false
> > -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
> >
> > This was working fine through jConsole or VisualVM remotely.
> >
> > To move the change in production server we decided to enable user
> > authentication. So, on the same box we did a trial and changed the
> property
> > value as below:
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=true
> > -Djava.rmi.server.hostname=10.184.222.84
> >
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> >
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
> >
> > Content in jmxremote.access :
> > monitorRole readonly
> > controlRole readwrite
> >
> >
> > Content in jmxremote.password :
> > monitorRole webserve
> > controlRole webserve
> >
> >
> > Tomcat is running under "webserve" user. Now every time we connect to the
> > JMX on the server getting message "Authentication Failed! Invalid
> username
> > or password"
> >
> > We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
> know
> > what I need to change here?
> >
> > Thanks & Regards,
> > Subhro Paul
> >
> >
> >
> > -----------------------------------------
> >
> > The information contained in this e-mail, including any attachment(s), is
> > intended solely for use by the named addressee(s). If you are not the
> > intended recipient, or a person designated as responsible for delivering
> > such messages to the intended recipient, you are not authorized to
> > disclose, copy, distribute or retain this message, in whole or in part,
> > without written authorization from PSEG. This e-mail may contain
> > proprietary, confidential or privileged information. If you have received
> > this message in error, please notify the sender immediately. This notice
> is
> > included in all e-mail messages leaving PSEG. Thank you for your
> > cooperation.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900*
>
>
>
> Dear Niranjan,
>
> I applied your suggestion and restarted the server. But I am still getting
> same message.
>
> Thanks & Regards,
> Subhro Paul
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: Issue with JMX in tomcat
Posted by "Paul, Subhro" <Su...@pseg.com>.
-----Original Message-----
From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
Sent: Tuesday, April 07, 2015 11:33 AM
To: Tomcat Users List
Subject: Re: Issue with JMX in tomcat
Email sent from outside of PSEG. Use caution before using links/attachments.
What you see in the log?
can you try chmod to read on two files?
-r-------- 1 jmxremote.password
-r-------- 1 jmxremote.access
On Tue, Apr 7, 2015 at 11:19 AM, Paul, Subhro <Su...@pseg.com> wrote:
>
>
> -----Original Message-----
> From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
> Sent: Tuesday, April 07, 2015 11:02 AM
> To: Tomcat Users List
> Subject: Re: Issue with JMX in tomcat
>
> Email sent from outside of PSEG. Use caution before using
> links/attachments.
>
>
> I think the following OPTS is missing.
>
> -Dcom.sun.management.jmxremote=true
>
> On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com>
> wrote:
>
> > Dear Team,
> >
> > Below is the property I was using to enable JMX in tomcat.conf file
> > without authentication :
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=false
> > -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
> >
> > This was working fine through jConsole or VisualVM remotely.
> >
> > To move the change in production server we decided to enable user
> > authentication. So, on the same box we did a trial and changed the
> property
> > value as below:
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=true
> > -Djava.rmi.server.hostname=10.184.222.84
> >
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> >
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
> >
> > Content in jmxremote.access :
> > monitorRole readonly
> > controlRole readwrite
> >
> >
> > Content in jmxremote.password :
> > monitorRole webserve
> > controlRole webserve
> >
> >
> > Tomcat is running under "webserve" user. Now every time we connect to the
> > JMX on the server getting message "Authentication Failed! Invalid
> username
> > or password"
> >
> > We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
> know
> > what I need to change here?
> >
> > Thanks & Regards,
> > Subhro Paul
> >
> >
> >
> > -----------------------------------------
> >
> > The information contained in this e-mail, including any attachment(s), is
> > intended solely for use by the named addressee(s). If you are not the
> > intended recipient, or a person designated as responsible for delivering
> > such messages to the intended recipient, you are not authorized to
> > disclose, copy, distribute or retain this message, in whole or in part,
> > without written authorization from PSEG. This e-mail may contain
> > proprietary, confidential or privileged information. If you have received
> > this message in error, please notify the sender immediately. This notice
> is
> > included in all e-mail messages leaving PSEG. Thank you for your
> > cooperation.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900*
>
>
>
> Dear Niranjan,
>
> I applied your suggestion and restarted the server. But I am still getting
> same message.
>
> Thanks & Regards,
> Subhro Paul
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
Dear Niranjan,
Yes I checked the log too. No issue reported for the file access.
Thanks & Regards,
Subhro Paul
-----------------------------------------
The information contained in this e-mail, including any attachment(s), is intended solely for use by the named addressee(s). If you are not the intended recipient, or a person designated as responsible for delivering such messages to the intended recipient, you are not authorized to disclose, copy, distribute or retain this message, in whole or in part, without written authorization from PSEG. This e-mail may contain proprietary, confidential or privileged information. If you have received this message in error, please notify the sender immediately. This notice is included in all e-mail messages leaving PSEG. Thank you for your cooperation.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Issue with JMX in tomcat
Posted by Niranjan Babu Bommu <ni...@gmail.com>.
What you see in the log?
can you try chmod to read on two files?
-r-------- 1 jmxremote.password
-r-------- 1 jmxremote.access
On Tue, Apr 7, 2015 at 11:19 AM, Paul, Subhro <Su...@pseg.com> wrote:
>
>
> -----Original Message-----
> From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
> Sent: Tuesday, April 07, 2015 11:02 AM
> To: Tomcat Users List
> Subject: Re: Issue with JMX in tomcat
>
> Email sent from outside of PSEG. Use caution before using
> links/attachments.
>
>
> I think the following OPTS is missing.
>
> -Dcom.sun.management.jmxremote=true
>
> On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com>
> wrote:
>
> > Dear Team,
> >
> > Below is the property I was using to enable JMX in tomcat.conf file
> > without authentication :
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=false
> > -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
> >
> > This was working fine through jConsole or VisualVM remotely.
> >
> > To move the change in production server we decided to enable user
> > authentication. So, on the same box we did a trial and changed the
> property
> > value as below:
> >
> > CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> > -Dcom.sun.management.jmxremote.ssl=false
> > -Dcom.sun.management.jmxremote.authenticate=true
> > -Djava.rmi.server.hostname=10.184.222.84
> >
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> >
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
> >
> > Content in jmxremote.access :
> > monitorRole readonly
> > controlRole readwrite
> >
> >
> > Content in jmxremote.password :
> > monitorRole webserve
> > controlRole webserve
> >
> >
> > Tomcat is running under "webserve" user. Now every time we connect to the
> > JMX on the server getting message "Authentication Failed! Invalid
> username
> > or password"
> >
> > We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me
> know
> > what I need to change here?
> >
> > Thanks & Regards,
> > Subhro Paul
> >
> >
> >
> > -----------------------------------------
> >
> > The information contained in this e-mail, including any attachment(s), is
> > intended solely for use by the named addressee(s). If you are not the
> > intended recipient, or a person designated as responsible for delivering
> > such messages to the intended recipient, you are not authorized to
> > disclose, copy, distribute or retain this message, in whole or in part,
> > without written authorization from PSEG. This e-mail may contain
> > proprietary, confidential or privileged information. If you have received
> > this message in error, please notify the sender immediately. This notice
> is
> > included in all e-mail messages leaving PSEG. Thank you for your
> > cooperation.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> *Thanks*
> *Niranjan*
> *+1 781.956.6900*
>
>
>
> Dear Niranjan,
>
> I applied your suggestion and restarted the server. But I am still getting
> same message.
>
> Thanks & Regards,
> Subhro Paul
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
RE: Issue with JMX in tomcat
Posted by "Paul, Subhro" <Su...@pseg.com>.
-----Original Message-----
From: Niranjan Babu Bommu [mailto:niranjan.bommu@gmail.com]
Sent: Tuesday, April 07, 2015 11:02 AM
To: Tomcat Users List
Subject: Re: Issue with JMX in tomcat
Email sent from outside of PSEG. Use caution before using links/attachments.
I think the following OPTS is missing.
-Dcom.sun.management.jmxremote=true
On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com> wrote:
> Dear Team,
>
> Below is the property I was using to enable JMX in tomcat.conf file
> without authentication :
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> -Dcom.sun.management.jmxremote.ssl=false
> -Dcom.sun.management.jmxremote.authenticate=false
> -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
>
> This was working fine through jConsole or VisualVM remotely.
>
> To move the change in production server we decided to enable user
> authentication. So, on the same box we did a trial and changed the property
> value as below:
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> -Dcom.sun.management.jmxremote.ssl=false
> -Dcom.sun.management.jmxremote.authenticate=true
> -Djava.rmi.server.hostname=10.184.222.84
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
>
> Content in jmxremote.access :
> monitorRole readonly
> controlRole readwrite
>
>
> Content in jmxremote.password :
> monitorRole webserve
> controlRole webserve
>
>
> Tomcat is running under "webserve" user. Now every time we connect to the
> JMX on the server getting message "Authentication Failed! Invalid username
> or password"
>
> We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know
> what I need to change here?
>
> Thanks & Regards,
> Subhro Paul
>
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
Dear Niranjan,
I applied your suggestion and restarted the server. But I am still getting same message.
Thanks & Regards,
Subhro Paul
-----------------------------------------
The information contained in this e-mail, including any attachment(s), is intended solely for use by the named addressee(s). If you are not the intended recipient, or a person designated as responsible for delivering such messages to the intended recipient, you are not authorized to disclose, copy, distribute or retain this message, in whole or in part, without written authorization from PSEG. This e-mail may contain proprietary, confidential or privileged information. If you have received this message in error, please notify the sender immediately. This notice is included in all e-mail messages leaving PSEG. Thank you for your cooperation.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Issue with JMX in tomcat
Posted by Niranjan Babu Bommu <ni...@gmail.com>.
I think the following OPTS is missing.
-Dcom.sun.management.jmxremote=true
On Tue, Apr 7, 2015 at 10:45 AM, Paul, Subhro <Su...@pseg.com> wrote:
> Dear Team,
>
> Below is the property I was using to enable JMX in tomcat.conf file
> without authentication :
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> -Dcom.sun.management.jmxremote.ssl=false
> -Dcom.sun.management.jmxremote.authenticate=false
> -Djava.rmi.server.hostname=xx.xxx.xxx.xxx"
>
> This was working fine through jConsole or VisualVM remotely.
>
> To move the change in production server we decided to enable user
> authentication. So, on the same box we did a trial and changed the property
> value as below:
>
> CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.port=9010
> -Dcom.sun.management.jmxremote.ssl=false
> -Dcom.sun.management.jmxremote.authenticate=true
> -Djava.rmi.server.hostname=10.184.222.84
> -Dcom.sun.management.jmxremote.password.file=/export/home/webserve/jmxremote.password
> -Dcom.sun.management.jmxremote.access.file=/export/home/webserve/jmxremote.access"
>
> Content in jmxremote.access :
> monitorRole readonly
> controlRole readwrite
>
>
> Content in jmxremote.password :
> monitorRole webserve
> controlRole webserve
>
>
> Tomcat is running under "webserve" user. Now every time we connect to the
> JMX on the server getting message "Authentication Failed! Invalid username
> or password"
>
> We are using Linux 6.5 64 bit OS, Tomcat6 and JAVA 1.6. Please let me know
> what I need to change here?
>
> Thanks & Regards,
> Subhro Paul
>
>
>
> -----------------------------------------
>
> The information contained in this e-mail, including any attachment(s), is
> intended solely for use by the named addressee(s). If you are not the
> intended recipient, or a person designated as responsible for delivering
> such messages to the intended recipient, you are not authorized to
> disclose, copy, distribute or retain this message, in whole or in part,
> without written authorization from PSEG. This e-mail may contain
> proprietary, confidential or privileged information. If you have received
> this message in error, please notify the sender immediately. This notice is
> included in all e-mail messages leaving PSEG. Thank you for your
> cooperation.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Thanks*
*Niranjan*
*+1 781.956.6900*