on 07-05-2004 3:29 PM
I have the following problem: I have a software which tries to connect with the server through its own custom RMI connector.
So I have the RMI Connector deployed via Mlet-Service. I have written a small TestClient and can get a RemoteMBeanServer with RemoteMBeanServer rs = getRemoteMBeanServer(), but if I try to call something like rs.getMBeanCount() I get :
com.sap.engine.services.jmx.exception.JmxSecurityException: Caller Guest not authorized, only role administrators is allowed to access JMX
So the WebAS considers someone who tries to connect with this connector as guest. How do can I get authentication and autorization to access the JMX parts? The manual seems only to cover JSP and webapplications, where it is possible to configure a role for them. I only have this connector.jar, configuration and mlet-file.
I still have the option to use JAAS authentication with this connector, then I have to configure it differently and, the more difficult, to implemend
a method "public Subject authenticate(Object credentials)" where credentials are two Strings with user and passwd. But I am not quite sure how to fill the Subject with useful information.
Thanks in advance
Nils
Jmx is secured resource and only administrator role user
can access it.
If your code is running in a servlet you can define
the servlet to run as administrator
1. Add in the web.xml
<security-role>
<role-name>AnyName</role-name>
</security-role>
2. Add in the web-j2ee-engine.xml
security-role-map>
<role-name>AnyName</role-name>
<server-role-name>administrators</server-role-name>
</security-role-map>
If you are runnig from a remote client you just have to
Properties connectionProperties = new Properties();
connectionProperties.setProperty(
Context.INITIAL_CONTEXT_FACTORY,
"com.sap.engine.services.jndi.InitialContextFactoryImpl");
connectionProperties.setProperty
(Context.PROVIDER_URL, "<host:p4port>");
connectionProperties.setProperty
(Context.SECURITY_PRINCIPAL, "<ADMIN USER>");
connectionProperties.setProperty
(Context.SECURITY_CREDENTIALS, "<PASSWORD>");
MBeanServerConnection mbsc =
JmxConnectionFactory.getMBeanServerConnection(
JmxConnectionFactory.PROTOCOL_ENGINE_P4,
connectionProperties);
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.