Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/lib/management/jmxremote.access
changeset 2 90ce3da70b43
child 2621 78567495e352
equal deleted inserted replaced
0:fd16c54261b3 2:90ce3da70b43 
       
     1 ######################################################################
 
       
     2 #     Default Access Control File for Remote JMX(TM) Monitoring
 
       
     3 ######################################################################
 
       
     4 #
 
       
     5 # Access control file for Remote JMX API access to monitoring.
 
       
     6 # This file defines the allowed access for different roles.  The
 
       
     7 # password file (jmxremote.password by default) defines the roles and their
 
       
     8 # passwords.  To be functional, a role must have an entry in
 
       
     9 # both the password and the access files.
 
       
    10 #
 
       
    11 # Default location of this file is $JRE/lib/management/jmxremote.access
 
       
    12 # You can specify an alternate location by specifying a property in 
       
    13 # the management config file $JRE/lib/management/management.properties
 
       
    14 # (See that file for details)
 
       
    15 #
 
       
    16 # The file format for password and access files is syntactically the same
 
       
    17 # as the Properties file format.  The syntax is described in the Javadoc
 
       
    18 # for java.util.Properties.load.
 
       
    19 # Typical access file has multiple  lines, where each line is blank,
 
       
    20 # a comment (like this one), or an access control entry.
 
       
    21 #
 
       
    22 # An access control entry consists of a role name, and an
 
       
    23 # associated access level.  The role name is any string that does not
 
       
    24 # itself contain spaces or tabs.  It corresponds to an entry in the
 
       
    25 # password file (jmxremote.password).  The access level is one of the
 
       
    26 # following:
 
       
    27 #       "readonly" grants access to read attributes of MBeans.
 
       
    28 #                   For monitoring, this means that a remote client in this
 
       
    29 #                   role can read measurements but cannot perform any action
 
       
    30 #                   that changes the environment of the running program.
 
       
    31 #       "readwrite" grants access to read and write attributes of MBeans,
 
       
    32 #                   to invoke operations on them, and to create or remove them.
 
       
    33 #		    This access should be granted to only trusted clients, 
       
    34 #                   since they can potentially interfere with the smooth
 
       
    35 #		    operation of a running program 
       
    36 #
 
       
    37 # A given role should have at most one entry in this file.  If a role
 
       
    38 # has no entry, it has no access.
 
       
    39 # If multiple entries are found for the same role name, then the last
 
       
    40 # access entry is used.
 
       
    41 #
 
       
    42 #
 
       
    43 # Default access control entries:
 
       
    44 # o The "monitorRole" role has readonly access.  
       
    45 # o The "controlRole" role has readwrite access.
 
       
    46 
       
    47 monitorRole   readonly
 
       
    48 controlRole   readwrite
jdk-sandbox