How to set credentials for JMX in spring boot?
I have included JMX
in my application spring boot
. I can set / get properties on use Jconsole
. I want to add authentication
(username / password) to connect to MBeanServer
. I prefer annotation if possible.
Here's mine JMXBean
.
@ManagedResource(objectName = "Examples:type=JMX,name=Resource")
public class Resource {
List<String> items = new ArrayList<>();
@ManagedAttribute
public String getLastItem() {
return items.get(getSize()-1);
}
@ManagedAttribute
public int getSize() {
return items.size();
}
@ManagedOperation
public void addItem(String item) {
items.add(item);
}
@ManagedOperation
public String getItem(int pos) {
return items.get(pos);
}
@ManagedOperation
public List<String> getItems() {
return items;
}
}
I currently have no configuration XML
.
I have a bean initialized in my config
@Configuration
@EnableAutoConfiguration
@ComponentScan
public class Application extends SpringBootServletInitializer {
public static void main(final String[] args) {
SpringApplication.run(Application.class, args);
}
@Override
protected final SpringApplicationBuilder configure(final SpringApplicationBuilder application) {
return application.sources(Application.class);
}
@Bean
public Resource jmxResource() {
return new Resource();
}
}
source to share
To enable JMX remote access , you need to start your Spring Boot application with the following JVM parameter:
-Dcom.sun.management.jmxremote.port=<port>
To configure file-based password authentication, add the following parameter:
-Dcom.sun.management.jmxremote.password.file=<file>
There are two predefined users: monitorRole
and controlRole
. By default, the former has read-only access, the latter can also write (see $JRE_HOME/lib/management/jmxremote.access
). Use jmxremote.password.template
c $JRE_HOME/lib/management
as a template for a password file and stick to these usernames. For example:
monitorRole <password> controlRole <password>
Log in using any of these usernames and the password you provided.
Please note that when using this method, passwords are stored in plain text and are not recommended for production purposes. See the documentation on how to configure authentication using SSL clients or LDAP certificates.
source to share