geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: JMX connections over SSL
Date Tue, 26 Feb 2008 21:32:38 GMT
Created https://issues.apache.org/jira/browse/GERONIMO-3876

I have quickly put together an implementation to enable SSL for JMX
connectors.  See JIRA for a patch.  Here are some problems that I have run
into.

The JMXConnector GBean is in j2ee-security config.  If I add a
KeystoreManager as reference and "geronimo-default" as the KeystoreInstance
to be used, the Keystore GBean is not started yet and so the KeystoreGBean
is not seen by the KeystoreManager.  Because of this,
keystoreManager.createSSLServerFactory(...) is failing.  So, I had to add
the KeystoreGBean to j2ee-system config.  And the order in which GBeans are
started also matters.  Should the JMXConnector be moved to
server-security-config? Or allow users to configure multiple JMXConnectors??

Suggestions?  Comment??

++Vamsi

On Wed, Feb 27, 2008 at 12:12 AM, Donald Woods <dwoods@apache.org> wrote:

> Yes, it seems like an option security conscious users would want
> (especially if they want to remotely monitor a hosted server....)
>
>
> -Donald
>
>
> Vamsavardhana Reddy wrote:
> > Currently the JMX connections supported by Geronimo are non-SSL
> > connections.  Is it desirable to provide SSL JMX connections to Geronimo
> > (SSL or non-SSL is configurable by the users)?
> >
> > ++Vamsi
>

Mime
View raw message