On 02.09.2010 18:55, Pid wrote:
On 02/09/2010 17:31, Christopher Schultz wrote:
Pid,
On 9/2/2010 11:51 AM, Pid wrote:
..lots of info is available by JMX, once the server is up. In Java 6
you can attach to the process locally, without having to configure the
JMX ports because it injects the management agent into the virtual machine.
I hadn't considered that, never having used JMX. Are you saying that
anyone with local access can snoop a JVM? What are the strategies
available to prohibit that? Can you disable local JMX altogether? How
about some kind of authentication?
Pretty much. I'm not sure how to disable it, I've only just got the
hang of enabling it.
http://download.oracle.com/javase/6/docs/jdk/api/attach/spec/com/sun/tools/attach/VirtualMachine.html
Also: sun.management.ConnectorAddressLink, but I can't find a javadoc
for that.
I thought it uses a local file created by the JVM which only allows
access, if you are the same user (or root). The marketing terminology
for this Java 6 feature was "attach on demand".
See also
http://weblogs.java.net/blog/emcmanus/archive/2005/09/mustang_jdk_now.html
with some examples here:
http://blogs.sun.com/sundararajan/entry/using_mustang_s_attach_api
http://blogs.sun.com/sundararajan/entry/my_experiments_with_attach_on
and API Javadoc:
http://download-llnw.oracle.com/javase/6/docs/jdk/api/attach/spec/index.html
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
