From users-return-31955-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org Mon Sep 24 14:40:26 2012 Return-Path: X-Original-To: apmail-activemq-users-archive@www.apache.org Delivered-To: apmail-activemq-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4F515DB60 for ; Mon, 24 Sep 2012 14:40:26 +0000 (UTC) Received: (qmail 2692 invoked by uid 500); 24 Sep 2012 14:40:25 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 2651 invoked by uid 500); 24 Sep 2012 14:40:25 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 2643 invoked by uid 99); 24 Sep 2012 14:40:25 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Sep 2012 14:40:25 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of claus.ibsen@gmail.com designates 209.85.217.171 as permitted sender) Received: from [209.85.217.171] (HELO mail-lb0-f171.google.com) (209.85.217.171) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Sep 2012 14:40:20 +0000 Received: by lbom4 with SMTP id m4so4939444lbo.2 for ; Mon, 24 Sep 2012 07:39:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=inqa7AqIZbB85l5sc2u9vQWv4UBzcdJnZUSzjeQSjmU=; b=pRzGhVEaebXxNzH/0iHFzXw8wux9WxWh6ZyaiXKz7+QbgSlDepFN+QjWuZ7e3hMVU4 fGais+5BIBL1syW6tqFrw2n24S6IH0Zr/gLzs0Vznbncofaxr5HuPyLxDxlwDwx0cCpH 8XwCIYa7nAAvEPIe6UFzmbcKLbDg9Xt3EYrxICMvbanFgsY7ChwOzTAFDtWGrtKcp4Q+ a/nFupikRsPdpgOLkmFOj/KilsU6CWWyGrsQIjCpfyLHflG+QeCDmhqSjSH8bOE1r4tJ zyrl9NKCCjHMH6kt0GS9D3MvxDp1004s1Ee7oHJasQcponOiXd7aUqkQlpsY7CTT/j81 YVbA== Received: by 10.112.24.196 with SMTP id w4mr4270198lbf.37.1348497598933; Mon, 24 Sep 2012 07:39:58 -0700 (PDT) MIME-Version: 1.0 Received: by 10.112.7.230 with HTTP; Mon, 24 Sep 2012 07:39:38 -0700 (PDT) In-Reply-To: References: From: Claus Ibsen Date: Mon, 24 Sep 2012 16:39:38 +0200 Message-ID: Subject: Re: Failed to retrieve RMIServer stub To: users@activemq.apache.org Content-Type: text/plain; charset=ISO-8859-1 On Mon, Sep 24, 2012 at 3:38 PM, Kayode Odeyemi wrote: > On Mon, Sep 24, 2012 at 1:07 PM, Claus Ibsen wrote: > >> Hi >> >> When AMQ startup it uses JMX and exposes a JMX connector over TCP. >> This is using port 1099 by default. >> Since you get a connection refused there may be another process that >> uses this port. >> >> You can change the port number to something else. See details at >> http://activemq.apache.org/jmx.html >> >> In the conf/activemq.xml file you can configure this, by adding that >> piece of XML snippet, where you can set a different port number. >> >> You can also disable JMX all together, but then you cannot mange the >> broker over JMX which most people want to be able to do. >> >> Thanks. But I'll like to ask for a bit of clearance in this area; > > Are the following still required in 5.5+ > > conf/jmx.access: > > # The "monitorRole" role has readonly access. > # The "controlRole" role has readwrite access. > monitorRole readonly > controlRole readwrite > > conf/jmx.password: > > # The "monitorRole" role has password "abc123". > # The "controlRole" role has password "abcd1234". > monitorRole abc123 > controlRole abcd1234 > > > I don't have the following set in /etc/default/activemq. > > SUNJMX="-Dcom.sun.management.jmxremote.port=1616 > -Dcom.sun.management.jmxremote.ssl=false \ > -Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_BASE}/conf/jmx.password > \ > -Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_BASE}/conf/jmx.access" > > > Is this still required in 5.5+ ? > I think those -Dcom.sun... options is for JMX security. eg its standard Java stuff how to specify access control files for JMX access. It's not fancy but I guess it gets the job done. http://docs.oracle.com/javase/1.5.0/docs/guide/jmx/tutorial/security.html So you only need it if you want this kind of security. > My activemq.xml reads: > > > xmlns="http://www.springframework.org/schema/beans" > xmlns:amq="http://activemq.apache.org/schema/core" > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:schemaLocation="http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd > http://activemq.apache.org/schema/core > http://activemq.apache.org/schema/core/activemq-core.xsd"> > > > class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> > > file:${activemq.conf}/credentials.properties > > > > > brokerName="localhost" dataDirectory="${activemq.data}" useJmx="true"> > > > > > memoryLimit="1mb"> > > > > > memoryLimit="1mb"> > > > > > > > > > > > > > groups="mcollective,everyone"/> > groups="mcollective,admin,everyone"/> > > > > > > > admin="admins" /> > admin="admins" /> > read="mcollective" admin="mcollective" /> > read="mcollective" admin="mcollective" /> > write="everyone" admin="everyone"/> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks for taking time to listen Yeah in your activemq.xml file you have Which mean on startup a TCP port on port 1099 is started so remote clients can manage the broker with JMX. If you have a port number clash on 1099, you can change the number to something else. Or you can set createConnector=false, then no remote TCP connector is setup. But you can still do local JMX management from the same host. -- Claus Ibsen ----------------- Red Hat, Inc. FuseSource is now part of Red Hat Email: cibsen@redhat.com Web: http://fusesource.com Twitter: davsclaus Blog: http://davsclaus.com Author of Camel in Action: http://www.manning.com/ibsen