Bug 51119

Summary: extras - JmxRemoteLifecycleListener does not support JAAS based authentication and authorisation
Product: Tomcat 6 Reporter: Neil laurance <neil.laurance>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED    
Severity: enhancement CC: edward.quick
Priority: P2    
Version: 6.0.32   
Target Milestone: default   
Hardware: All   
OS: All   
Attachments: Diff from trunk - changes JmxRemoteLifecycleListener only

Description Neil laurance 2011-04-26 05:29:40 UTC
(Also true in Tomcat 7)

The JmxRemoteLifecycleListener does not support JAAS based authentication.

That is, when authentication is required, it only supports file based authentication.
Comment 1 Mark Thomas 2011-04-26 05:31:42 UTC
Enhancement requests with proposed patches tend to get addressed more quickly than those without.
Comment 2 Neil laurance 2011-04-26 05:32:51 UTC
Created attachment 26934 [details]
Diff from trunk - changes JmxRemoteLifecycleListener only
Comment 3 Neil laurance 2011-04-26 05:36:16 UTC
(In reply to comment #1)
> Enhancement requests with proposed patches tend to get addressed more quickly
> than those without.

Apologies, didn't have time to add my patch before your reply ;-)
Comment 4 Neil laurance 2011-04-26 05:40:49 UTC
Properties to verify this is working:

-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.login.config=TomcatJaas  (the module name)
-Djava.security.auth.login.config=/path/to/jaas.config           
-Dcom.sun.management.jmxremote.access.file=/path/to/jmxremote.access
Comment 5 Mark Thomas 2011-05-18 12:41:26 UTC
Fixed in 6.0.x and will be included in 6.0.33 onwards.