Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
src
.checkstyle
.classpath
.gitignore
.project
README.md

README.md

JPPF JMX remote connector.

This is a full-fledged, fast and scalable implementation of a JMX remote connector, with Java NIO-based networking on both client and server sides.

JMX service URLs are in the form service:jmx:jppf://<host>:<port>

How to get it

Direct download: from the nightly build, look for JPPF-<version>-jmxremote-nio.zip

Maven: currently in Maven Central repository at http://repo.maven.apache.org/maven2/org/jppf:

<dependency>
  <groupId>org.jppf</groupId>
  <artifactId>jppf-jmxremote-nio</artifactId>
  <version>6.0</version>
</dependency>

Environment properties

Misc:

  • jmx.remote.x.request.timeout: Maximum time in milliseconds to wait for a JMX request to succeed, default to 15,000 ms

TLS properties:

  • jmx.remote.x.tls.enabled: whether to use secure connections via TLS protocol, defaults to false
  • jmx.remote.x.tls.context.protocol: javax.net.ssl.SSLContext protocol, defaults to TLSv1.2
  • jmx.remote.x.tls.enabled.protocols: A list of space-separated enabled protocols, defaults to TLSv1.2
  • jmx.remote.x.tls.enabled.cipher.suites: Space-separated list of enabled cipher suites, defaults to SSLContext.getDefault().getDefaultSSLParameters().getCipherSuites()
  • jmx.remote.x.tls.client.authentication: SSL client authentication level: one of 'none', 'want', 'need', defaults to 'none'
  • jmx.remote.x.tls.client.distinct.truststore: Whether to use a separate trust store for client certificates (server only), defaults to 'false'
  • jmx.remote.x.tls.client.truststore.password: Plain text client trust store password, defaults to null
  • jmx.remote.x.tls.client.truststore.password.source: Client trust store location as an arbitrary source, default to null
  • jmx.remote.x.tls.client.truststore.file: Path to the client trust store in the file system or classpath, defaults to null
  • jmx.remote.x.tls.client.truststore.source: Client trust store location as an arbitrary source, defaults to null
  • jmx.remote.x.tls.client.truststore.type: Trust store format, defaults to 'jks'
  • jmx.remote.x.tls.truststore.password: Plain text trust store password, defaults to null
  • jmx.remote.x.tls.truststore.password.source: Trust store password as an arbitrary source, defaults to null
  • jmx.remote.x.tls.truststore.file: Path to the trust store in the file system or classpath, defaults to null
  • jmx.remote.x.tls.truststore.source: Trust store location as an arbitrary source, defaults to null
  • jmx.remote.x.tls.truststore.type: Trust store format, defaults to 'jks'
  • jmx.remote.x.tls.keystore.password: Plain text key store password, defaults to null
  • jmx.remote.x.tls.keystore.password.source: Key store password as an arbitrary source, defaults to null
  • jmx.remote.x.tls.keystore.file: Path to the key store in the file system or classpath, defaults to null
  • jmx.remote.x.tls.keystore.source: Key store location as an arbitrary source, defaults to null
  • jmx.remote.x.tls.keystore.type: Key store format, defaults to 'jks'

Authentication and authorization

Authentication is provided as an instance of JMXAuthenticator, passed on via the server environment property jmx.remote.authenticator (also the Java constant JMXConnectorServer.AUTHENTICATOR).

On the client side, credentials are passed as a user-defined object via the connector environment property jmx.remote.credentials (also the Java constant JMXConnector.CREDENTIALS).

Authorization or ACL is provided via the server-side environment property jmx.remote.x.authorization.checker (also the Java constant JPPFJMXConnectorServer.AUTHORIZATION_CHECKER). The value can be either a Class object, representing an implementation of the interface JMXAuthorizationChecker, or a string that contains the fully qualified name of the class.

Authorization checks are performed against the Subject created by the JMXAuthenticator, if any is present. It is passed on to the JMXAuthorizationChecker via its setSubject(Subject) method.

Instead of implementing the JMXAuthorizationChecker interface, you may also extend the JMXAuthorizationCheckerAdapter (allows everything) or JMXAuthorizationDeniedAdapter (denies everything) class if you don't need to implement all the methods.

Unit tests are found in the test.org.jppf.jmxremote package of the tests module.