JMX Proxy

Security Security in Jolokia is provided at two levels: The transport channel (HTTP) is secured the standard way as it is defined in the Jakarta EE specifications. The agent itself can be configured to use a very fine grained policy which can restrict access on the MBean level for various parameters.

In especially, the policy can restrict access to:

  • certain client host IPs or subnets

  • certain Jolokia operations (read, write, exec, list, search, notification)

  • specific MBean attributes (read and write) and operations

The security definitions support a wildcard notation and allow/deny sections similar to the security setup of an Apache HTTP-Server.


The following example shows a sample policy file:





      <attribute mode="read">Verbose</attribute>




This sample policy contains a list of remote hosts which are allowed to access this agent. The name can be given as IP or FQDN. A subnetmask can be given, too, for specifying a subnet for the access. The netmask can be given either in CIDR format (e.g "/16") or as a full netmask (e.g. "/").

The address to check is obtained from:

  • in WAR agent: jakarta.servlet.ServletRequest.getRemoteHost() or jakarta.servlet.ServletRequest.getRemoteAddr() depending on allowDnsReverseLookup configuration option

    • In Tomcat, the remote address value comes from call

  • in JVM agent:

The list of allowed commands, which are given in <commands> section determine which Jolokia operations are allowed in general. For each command type present, the principle behaviour is allow this command for all MBeans. To remove an MBean (attribute/operation), a <deny> section has to be added. For each command type missing, the command is disabled by default. For certain MBeans it can be selectively be enabled by using an <allow> section below. Within the allow and deny sections, MBean names and attribute/operation names can be specified with a pattern using wildcards (?,*)