I can still access MBean server with invalid credentials

**justsnwbrd** · Oct 9th, 2008, 09:50 AM

From my client, regardless of the credentials I use, I can still connect and manage my server MBeans.

Here is my server application context

Code:

	<bean class="org.springframework.jmx.support.ConnectorServerFactoryBean" depends-on="registry">
		<property name="serviceUrl" value="service:jmx:rmi://localhost/jndi/rmi://localhost:11099/jmxrmi" />
		<property name="environment">
			<props>
				<prop key="java.naming.security.principal">user</prop>
				<prop key="java.naming.security.credentials">password</prop>
			</props>
		</property>
	</bean>

my client uses the following, and the connection is still successfull

Code:

		   JMXServiceURL  url = new JMXServiceURL("service:jmx:rmi://localhost/jndi/rmi://localhost:11099/jmxrmi");
		   HashMap environment = new HashMap();
		   String[] credentials = new String[] {"bad", "bad"};
		   environment.put(JMXConnector.CREDENTIALS, credentials);
		   JMXConnector  jmxc = JMXConnectorFactory.connect(url, environment);
		   final MBeanServerConnection mbsc = jmxc.getMBeanServerConnection();

any ideas???

Thread: I can still access MBean server with invalid credentials

Thread Tools

Display

I can still access MBean server with invalid credentials

Posting Permissions