![]() |
Hi Roland,
First of all, thank you very much for this tool. I really appreciate your work! After playing with Jolokia on IBM WAS 7.0 I wanted to add some restriction based on the policy file. But I've noticed that there is no specification about the name of the file and location in http://www.jolokia.org/features/security.html page. Looking in the source code, I see that RestrictorFactory is looking for the file /jolokia-access.xml: Thread.currentThread().getContextClassLoader().getResourceAsStream("/jolokia-access.xml"); Therefore, could you please update the doc to specify that the sample policy file, if used, must be named jolokia-access.xml and must be placed in the root of the webapp. And after starting the webapp, the user should check the standard output log of the app server for a message like this: Servlet Message - [jolokia-0_83_war#jolokia-0.83.war]:.jolokia-agent: jolokia: Using security policy from 'jolokia-access.xml' Once again, thanks a lot! Have a good day! |
![]() |
Thanks for the remark. You are absolutely right, the security policy feature and the file location are poorly documented. I will work on this and add an appropriate section in the reference manual.
BTW, the latest developer version of jmx4perl (0.90_3) comes with a command line tool 'jolokia', which helps in repackaging the agents in order to include the policy file within an agent:
# Download the WAR agent $ jolokia # Download a sample policy file in the local dir as 'jolokia-access.xml' $ jolokia download --policy # Repack the to add the policy file 'jolokia-access.xml' form the cwd $ jolokia repack --policy jolokia.war # Show current state (policy file include: yes/no) $ jolokia jolokia.warYou find jmx4perl 0.90_3 here: http://search.cpan.org/~roland/jmx4perl-0.90_3/
... roland
|
![]() |
In reply to this post by mariusid
Hi all,
No matter what I try, it seems the jolokia-access.xml file is not found. The jboss server log displays: INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/jolokia]] jolokia-agent: jolokia: No security policy installed. Access to any MBean attribute and operation is permitted. I have included the policy file in the war archive, on different locations, but none seems to work: # jar tvf jolokia.war 0 Wed Mar 23 11:00:44 CET 2011 META-INF/ 71 Wed Mar 23 11:00:44 CET 2011 META-INF/MANIFEST.MF 0 Wed Mar 23 09:45:38 CET 2011 META-INF/maven/ 0 Wed Mar 23 09:45:38 CET 2011 META-INF/maven/org.jolokia/ 0 Wed Mar 23 09:45:38 CET 2011 META-INF/maven/org.jolokia/jolokia-war/ 1920 Wed Mar 23 09:29:40 CET 2011 META-INF/maven/org.jolokia/jolokia-war/pom.xml 106 Wed Mar 23 09:29:40 CET 2011 META-INF/maven/org.jolokia/jolokia-war/pom.properties 0 Wed Mar 23 10:06:06 CET 2011 WEB-INF/ 0 Wed Mar 23 10:06:08 CET 2011 WEB-INF/classes/ 4650 Wed Mar 23 10:06:08 CET 2011 WEB-INF/classes/jolokia-access.xml 4650 Wed Mar 23 10:06:06 CET 2011 WEB-INF/jolokia-access.xml 0 Wed Mar 23 10:06:16 CET 2011 WEB-INF/lib/ 16046 Wed Mar 23 09:29:40 CET 2011 WEB-INF/lib/json-simple-1.1.jar 4331 Wed Mar 23 09:29:40 CET 2011 WEB-INF/lib/jolokia-jsr160-0.83.jar 4650 Wed Mar 23 10:06:16 CET 2011 WEB-INF/lib/jolokia-access.xml 173624 Wed Mar 23 09:29:40 CET 2011 WEB-INF/lib/jolokia-core-0.83.jar 3940 Wed Mar 23 09:29:40 CET 2011 WEB-INF/web.xml 4650 Wed Mar 23 09:55:10 CET 2011 jolokia-access.xmlI don't see what I'm doing wrong... any tips? Thanks! Frido |
![]() |
WEB-INF/classes/jolokia-access.xml is the proper place.
What JBoss version are you using ? I will try to reproduce the issue.
... roland
|
![]() |
Hello Roland,
Thanks for your effort. I'm using: Name: JBoss AS Vendor: JBoss (http://www.jboss.org/) Version: 4.2.3.GA |
![]() |
Hi,
sorry, I can't reproduce the issue: 18:59:18,649 INFO [[/jolokia]] jolokia-agent: jolokia: Using security policy from 'jolokia-access.xml' 18:59:18,941 INFO [Http11Protocol] Starting Coyote HTTP/1.1 on http-127.0.0.1-8080 18:59:18,952 INFO [AjpProtocol] Starting Coyote AJP/1.3 on ajp-127.0.0.1-8009 18:59:18,960 INFO [Server] JBoss (MX MicroKernel) [4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)] Started in 7s:692ms with the following jolokia.jar: $ jar tvf jolokia.war 0 Sat Feb 19 16:13:56 CET 2011 META-INF/ 125 Sat Feb 19 16:13:54 CET 2011 META-INF/MANIFEST.MF 0 Sat Feb 19 16:13:54 CET 2011 WEB-INF/ 0 Sat Feb 19 16:13:54 CET 2011 WEB-INF/classes/ 0 Sat Feb 19 16:13:54 CET 2011 WEB-INF/lib/ 173624 Sat Feb 19 16:09:52 CET 2011 WEB-INF/lib/jolokia-core-0.83.jar 4331 Sat Feb 19 16:12:40 CET 2011 WEB-INF/lib/jolokia-jsr160-0.83.jar 16046 Wed Oct 07 09:05:12 CEST 2009 WEB-INF/lib/json-simple-1.1.jar 3940 Sat Feb 19 16:07:56 CET 2011 WEB-INF/web.xml 0 Sat Feb 19 16:13:56 CET 2011 META-INF/maven/ 0 Sat Feb 19 16:13:56 CET 2011 META-INF/maven/org.jolokia/ 0 Sat Feb 19 16:13:56 CET 2011 META-INF/maven/org.jolokia/jolokia-war/ 1920 Sat Feb 19 16:08:00 CET 2011 META-INF/maven/org.jolokia/jolokia-war/pom.xml 106 Sat Feb 19 16:13:54 CET 2011 META-INF/maven/org.jolokia/jolokia-war/pom.properties 4278 Wed Mar 23 18:58:48 CET 2011 WEB-INF/classes/jolokia-access.xml Are you sure, that JBoss picked up the proper jolokia.war ? Could you please mail me your prepare war-file ? (roland (o) jolokia.org) thanks ...
... roland
|
Free forum by Nabble | Edit this page |