Hi Stephen, the new hawtio version throttle authentication to protect Hawtio from brute force attacks causing the error 429 in case of login failures. You can disable it by using the system property hawtio.authenticationThrottled. For further details see https://hawt.io/docs/security.html
Regards, Domenico On Thu, 22 May 2025 at 18:55, Stephen Baker <stephen.ba...@motorolasolutions.com.invalid> wrote: > We've been attempting to update our servers to Artemis 2.40.0 and one of > the remaining issues is that on some but not all servers we are hitting 429 > Too Many Requests errors on our health checks which query JMX through > jolokia, e.g. > > curl -v -H "Origin: http://localhost"; "http://rave:*****@ > > ca-artemis-sms1b-2.qa.raveu.net:8161/ca-artemis-sms1b-2/console/jolokia/read/org.apache.activemq.artemis:broker=%22ca-artemis-sms1b-2%22/Backup > " > * Trying 10.2.2.132:8161... > * Connected to ca-artemis-sms1b-2.qa.raveu.net (10.2.2.132) port 8161 (#0) > * Server auth using Basic with user 'rave' > > GET > > /ca-artemis-sms1b-2/console/jolokia/read/org.apache.activemq.artemis:broker=%22ca-artemis-sms1b-2%22/Backup > HTTP/1.1 > > Host: ca-artemis-sms1b-2.qa.raveu.net:8161 > > Authorization: Basic cmF2ZTpnZXRBcnRlbWlzMQ== > > User-Agent: curl/7.76.1 > > Accept: */* > > Origin: http://localhost > > > * Mark bundle as not supporting multiuse > < HTTP/1.1 429 Too Many Requests > < Date: Thu, 22 May 2025 16:00:07 GMT > < Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate, > private > < Pragma: no-cache > < X-Frame-Options: DENY > < X-XSS-Protection: 1 > < X-Content-Type-Options: nosniff > < Content-Security-Policy: default-src 'self'; script-src 'self'; style-src > 'self' 'unsafe-inline'; font-src 'self' data: > https://cdn.jsdelivr.net/npm/monaco-editor@0.43.0/min/; img-src 'self' > data:; connect-src 'self'; frame-src 'self'; manifest-src 'self'; media-src > 'self'; object-src 'self'; worker-src 'self' blob:; frame-ancestors 'none'; > script-src-elem 'self' > https://cdn.jsdelivr.net/npm/monaco-editor@0.43.0/min/; style-src-elem > 'self' 'unsafe-inline' > https://cdn.jsdelivr.net/npm/monaco-editor@0.43.0/min/ > < Strict-Transport-Security: max-age=31536000;includeSubDomains;preload > < Referrer-Policy: strict-origin > < Retry-After: 239 > < Content-Length: 0 > < > * Connection #0 to host ca-artemis-sms1b-2.qa.raveu.net left intact > > This request had a reasonable Retry-After but the team is reporting seeing > values as high as 61k seconds. > > Is anything in Artemis now enforcing a rate limit on jolokia requests, and > if so how can we configure it? > > -- > > *Stephen Baker* (He/Him/His) > > Consultant Software Engineer > > Motorola Solutions Inc. > M: 905-330-2823 > M: stephen.ba...@motorolasolutions.com > <https://batchat.motorolasolutions.com/home/ls/community/mic> > > <https://batchat.motorolasolutions.com/home/ls/community/mic> > <https://batchat.motorolasolutions.com/home/ls/community/mic> > > -- > > > *For more information on how and why we collect your personal > information, please visit our Privacy Policy > < > https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement > >.* >
