tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Gomez <henri.go...@gmail.com>
Subject Re: JmxRemoteLifecycleListener and com.sun.security.auth.module.LdapLoginModule JMX authentification
Date Fri, 15 Oct 2010 06:46:35 GMT
> I see System.getProperty( ) there, so it is not hardcoded. It is just
> a default value.

        passwordFile = System.getProperty(
	                "com.sun.management.jmxremote.password.file",
	                "jmxremote.password");
	
	        accessFile = System.getProperty(
	                "com.sun.management.jmxremote.access.file",
	                "jmxremote.access");

....

           // Configure authentication
	            if (authenticate) {
	                env.put("jmx.remote.x.password.file", passwordFile);
	                env.put("jmx.remote.x.access.file", accessFile);
	            }

To me, we're injecting login/password and access in context.

In LDAP approach, login/password validation operations are done by
com.sun.security.auth.module.LdapLoginModule


> Also the JavaDoc for the class says
>  * Only the ports are configured via
>  * the listener. The remainder of the configuration is via the standard system
>  * properties for configuring JMX.
>
> Moreover the field is a protected one, so a derived class may change it.
>
>> Should I open a BZ for this one ?
>
> I do not see a problem here, but if you are to propose some
> patch/enhancement then you are welcome, as always.

Ok, I'll try to see what to do and propose a patch ;)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message