tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shanti Suresh <>
Subject Re: Tomcat HeapMemoryUsage MBean question
Date Fri, 07 Sep 2012 15:32:40 GMT
Ah, okay.  Thank you!

Also, what I would like to achieve is to have a secure jmxproxy servlet for
"set" operations.  But have no authentication and authorization for get
I tried might to "tighten" only the "set" operations of the "jmxproxy"
servlet by modifying manager/WEB-INF/web.xml as follows,  and it didn't
work.  I actually tried the url-pattern below with "/jmxproxy/?get*", but I
was still able to query successfully without a "401 Unauthorized" failure.
So I figured that I may not be using the right pattern.  A url-pattern of
"/jmxproxy/*" does return a 401 Unauthorized error message on "get".

-------snippet from manager/web.xml:-----
      <web-resource-name>JMX Proxy interface</web-resource-name>

-----end of snippet----

I am further restricting who may access the manager application in
"conf/Catalina/localhost/manager.xml" to localhost:

<Context path="/manager" privileged="true"
   <Valve className="org.apache.catalina.valves.RemoteAddrValve"

So I can somehow secure the "set" but open up the "get" and "qry", I will
be in happy curl-land.



On Fri, Sep 7, 2012 at 11:06 AM, Christopher Schultz <> wrote:

> Hash: SHA1
> Shanti,
> On 9/7/12 10:07 AM, Shanti Suresh wrote:
> > We are running v7.0.23.  So "key" I hope should do the trick.  But
> > it doesn't seem to be.
> Well, that feature was added in 7.0.27 and you are running 7.0.23. So
> you don't have a version that supports that feature. So upgrade if you
> want to use that new feature.
> - -chris
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools -
> Comment: Using GnuPG with Mozilla -
> lgoAni83lEMf51nmyOKo2mXipUuxt0D2
> =6wCM
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message