db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Db-derby Wiki] Update of "JMXSecurityExpectations" by DanDebrunner
Date Tue, 19 Feb 2008 18:51:58 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Db-derby Wiki" for change notification.

The following page has been changed by DanDebrunner:
http://wiki.apache.org/db-derby/JMXSecurityExpectations

------------------------------------------------------------------------------
  
  == JMX Security setups ==
  === Local JMX ===
- A jvm may be setup to automatically provide local jmx access. In this case the OS user running
the client must match the OS user that started the jvm being monitored.
+ A jvm may be setup to automatically provide local jmx access. In this case the OS user running
the client must match the OS user that started the jvm being monitored. JMX authentication
and access level does not apply here.
-  * /!\ Not sure how JMX access level fits in here.
  ==== No Security Manager (local) ====
-  * With no security manager then any authenticated remote jmx client may access any MBean
including reading its attributes, writing its updatable attributes and invoking its operations
''subject to its JMX access level ??''.
+  * With no security manager then the local jmx client (running as the same OS user as the
virtual machine) may perform any JMX client operation including accessing any MBean including
reading its attributes, writing its updatable attributes and invoking its operations, registering
and unregistering MBeans, controlling the virtual machine etc.
  ==== Security Manager (local) ====
   * /!\ Haven't looked into how this works, what would the principal name be?
  === Remote JMX ===

Mime
View raw message