I have a default Glassfish 3 installation and I am trying to create a secured JMX connection to this server.
I am familiar with adding JVM arguments like:
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=8686
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote. authenticate=true
-Dcom.sun.management.jmxremote.password.file=/usr/SYNCH/PACKT/3166/Chapters_Code/resources/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=/usr/SYNCH/PACKT/3166/Chapters_Code/resources/jmxremote.access
But I am confused by some blogs I see talking about using
asadmin set configs.config.server-config.admin-service.jmx-connector.system.security-enabled=true
to alter the to remove the security-enabled=”false” property.
So I want to know:
Does removing security-enabled=”false” entry on the make Glassfish use the built-in admin authentication provider? If so, how do I turn that security on so I can access JMX securely?
I am just confused as to what the is suppose to secure against and how to configure more advanced usages.
If the previous question is not correct and/or not possible, then is adding the JVM arguments above the only way to add login security for JMX on glassfish?
Out of the box, when you set a password for the admin user, jmx will require credentials.