Thanks! On Mon, May 26, 2025 at 5:19 AM Domenico Francesco Bruscino < bruscin...@gmail.com> wrote:
> Hi Stephen, > > the new hawtio version throttle authentication to protect Hawtio from brute > force attacks causing the error 429 in case of login failures. You can > disable it by using the system property hawtio.authenticationThrottled. For > further details see > https://urldefense.proofpoint.com/v2/url?u=https-3A__hawt.io_docs_security.html&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=eCuNHSIpFCh8VupKIfLHXN3G62HSvb-8VI6KFxGF6sk&e= > > Regards, > Domenico > > On Thu, 22 May 2025 at 18:55, Stephen Baker > <stephen.ba...@motorolasolutions.com.invalid> wrote: > > > We've been attempting to update our servers to Artemis 2.40.0 and one of > > the remaining issues is that on some but not all servers we are hitting > 429 > > Too Many Requests errors on our health checks which query JMX through > > jolokia, e.g. > > > > curl -v -H "Origin: > https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=5wNngPQ0iwmksiAbhyr_ayMzRQz_MUo8X13Vf24pio8&e= > " " > https://urldefense.proofpoint.com/v2/url?u=http-3A__rave-3A-2A-2A-2A-2A-2A-40&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=GQKoUHw6diR1ZDZac0N87SLWnoVhMhJVNITWrUmUwOE&e= > > > > > ca-artemis-sms1b-2.qa.raveu.net:8161/ca-artemis-sms1b-2/console/jolokia/read/org.apache.activemq.artemis:broker=%22ca-artemis-sms1b-2%22/Backup > > " > > * Trying 10.2.2.132:8161... > > * Connected to ca-artemis-sms1b-2.qa.raveu.net (10.2.2.132) port 8161 > (#0) > > * Server auth using Basic with user 'rave' > > > GET > > > > > /ca-artemis-sms1b-2/console/jolokia/read/org.apache.activemq.artemis:broker=%22ca-artemis-sms1b-2%22/Backup > > HTTP/1.1 > > > Host: ca-artemis-sms1b-2.qa.raveu.net:8161 > > > Authorization: Basic cmF2ZTpnZXRBcnRlbWlzMQ== > > > User-Agent: curl/7.76.1 > > > Accept: */* > > > Origin: > https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=5wNngPQ0iwmksiAbhyr_ayMzRQz_MUo8X13Vf24pio8&e= > > > > > * Mark bundle as not supporting multiuse > > < HTTP/1.1 429 Too Many Requests > > < Date: Thu, 22 May 2025 16:00:07 GMT > > < Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate, > > private > > < Pragma: no-cache > > < X-Frame-Options: DENY > > < X-XSS-Protection: 1 > > < X-Content-Type-Options: nosniff > > < Content-Security-Policy: default-src 'self'; script-src 'self'; > style-src > > 'self' 'unsafe-inline'; font-src 'self' data: > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cdn.jsdelivr.net_npm_monaco-2Deditor-400.43.0_min_&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=5gP-VbmFDdZ8TUHB1vJUwM6WlrUme5wVYRlgoMlI-vo&e= > ; img-src 'self' > > data:; connect-src 'self'; frame-src 'self'; manifest-src 'self'; > media-src > > 'self'; object-src 'self'; worker-src 'self' blob:; frame-ancestors > 'none'; > > script-src-elem 'self' > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cdn.jsdelivr.net_npm_monaco-2Deditor-400.43.0_min_&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=5gP-VbmFDdZ8TUHB1vJUwM6WlrUme5wVYRlgoMlI-vo&e= > ; style-src-elem > > 'self' 'unsafe-inline' > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cdn.jsdelivr.net_npm_monaco-2Deditor-400.43.0_min_&d=DwIBaQ&c=q3cDpHe1hF8lXU5EFjNM_C93KOmcBXCBnhee2v6PYlc&r=_FLkjQXAikVvLJwgnZMYB1DNacAAigCWTIjWsBKyn5PlGV1IeWJBZTdtamUot3qq&m=EdeuK_GMo536jGnpSi95qoDlDL8my0ozt2a2Y3Q4F-cwq3cDAa6Ng7RzodD4gb5B&s=5gP-VbmFDdZ8TUHB1vJUwM6WlrUme5wVYRlgoMlI-vo&e= > > < Strict-Transport-Security: max-age=31536000;includeSubDomains;preload > > < Referrer-Policy: strict-origin > > < Retry-After: 239 > > < Content-Length: 0 > > < > > * Connection #0 to host ca-artemis-sms1b-2.qa.raveu.net left intact > > > > This request had a reasonable Retry-After but the team is reporting > seeing > > values as high as 61k seconds. > > > > Is anything in Artemis now enforcing a rate limit on jolokia requests, > and > > if so how can we configure it? > > > > -- > > > > *Stephen Baker* (He/Him/His) > > > > Consultant Software Engineer > > > > Motorola Solutions Inc. > > M: 905-330-2823 > > M: stephen.ba...@motorolasolutions.com > > <https://batchat.motorolasolutions.com/home/ls/community/mic > > > > > <https://batchat.motorolasolutions.com/home/ls/community/mic > > > <https://batchat.motorolasolutions.com/home/ls/community/mic > > > > > -- > > > > > > *For more information on how and why we collect your personal > > information, please visit our Privacy Policy > > < > > > https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement > > >.* > > > -- *For more information on how and why we collect your personal information, please visit our Privacy Policy <https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement>.*
