Restricting client access to Jolokia API in Fuse/Fabric

Solution In Progress - Updated -

Issue

The JBoss Fuse administration console exposes an administration API over HTTP at the URL /jolokia. By default, all access is allowed to any HTTP client that authenticates successfully. Jolokia can read a configuration file that contains finer-grained access-control settings; for example, such settings might grant access to methods that read configuration but not to methods that modify it. By default, Jolokia searches for a file named jolokia-access.xml on the class search path. In the OSGi environment, however, there is no straightforward way to provide such a file: JBoss Fuse provides no method to specify a file location, so the search is limited to the classpath of the bundle that provides the administration service.

It is therefore not straightforward to configure different levels of access to the Jolokia API.
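
As an illustration of the finer-grained settings described above, a jolokia-access.xml that limits clients to read-style requests could look like the following. This is an added example, not content from the original solution; it uses Jolokia's standard policy elements, the host value is a constructed sample, and it does not address how to get the file onto the bundle classpath in Fuse.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: read-only Jolokia access policy (jolokia-access.xml). -->
<restrict>

  <!-- Only accept requests from these client addresses.
       127.0.0.1 is a constructed sample value; list the management
       hosts or subnets that actually need access. -->
  <remote>
    <host>127.0.0.1</host>
  </remote>

  <!-- Once a <commands> section is present, only the listed Jolokia
       request types are permitted. "write" and "exec" are left out,
       so attributes cannot be set and operations cannot be invoked. -->
  <commands>
    <command>read</command>
    <command>list</command>
    <command>search</command>
    <command>version</command>
  </commands>

</restrict>
```

With no policy file found, Jolokia falls back to allowing every command, which is the default behaviour this article describes.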

Environment

  • Red Hat JBoss Fuse
    • 6.0
    • 6.1
