activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Tully <gary.tu...@gmail.com>
Subject Re: Bind only to localhost/private network
Date Wed, 25 Aug 2010 09:26:35 GMT
You should be able to specify the complete URI from the
managementContext, have it create the jmx rmi server rather than using
the management services built into the jvm:

<managementContext>
  <managementContext createConnector="true"/>
  <managementContext connectorPort="X" rmiServerPort="X+y"/>
</managementContext>

To see where these attributes are used peek at:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/jmx/ManagementContext.java?view=markup
createConnector method.

Also check out the details for jmx with a firewall:
http://blogs.sun.com/jmxetc/entry/connecting_through_firewall_using_jmx


On 24 August 2010 23:38, Eraos <remi@broemeling.org> wrote:
>
>
> Vjaceslavs Klimovs wrote:
>>
>> Hi,
>> Binding JMX to a specified address is unfortunately not trivial. For
>> details see this blog post:
>> http://vafer.org/blog/20061010091658
>>
>> You will probably be better off using firewall to whitelist only your
>> transport socket.
>>
>
> Ouch.  That's very unfortunate, particularly as one of the ports that
> ActiveMQ listens on (33689 in the above netstat output) bounces around.  If
> there is no way to lock those listens down to localhost (without editing the
> ActiveMQ source, anyway...), then is there any way to lock all of the ports
> down (so that they don't change), so that I can just firewall only those
> ports?
>
> I have nearly all of them locked down, only that 33689 one bounces around
> (it changes with every restart of ActiveMQ) -- can anyone tell me what it is
> and how I can force it to be predictable?
>
> Thanks.
> --
> View this message in context: http://old.nabble.com/Bind-only-to-localhost-private-network-tp29526752p29527128.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>



-- 
http://blog.garytully.com

Open Source Integration
http://fusesource.com

Mime
View raw message