ActiveMQ
  1. ActiveMQ
  2. AMQ-1164

ManagementContext opens insecure server

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Not a Problem
    • Affects Version/s: 4.1.0
    • Fix Version/s: NEEDS_REVIEW
    • Component/s: JMX
    • Labels:
      None

      Description

      The use case is setting up an RMI server on a fixed port (using <amq:managementContext rmiServerPort="xxx">) in order to pass through a firewall. This RMI server doesn't honor the com.sun.mangement.password.file et al environment variables. Simply guessing the hostname and port (and the default port being a well known port, meaning "no guesswork at all") is enough to take full control of AMQ.

      Further, but somewhat unrelated, if one sets up a password protected Tiger JMX MBean server, AMQ can't configure it, giving a read only error message.

        Activity

        Timothy Bish made changes -
        Status Open [ 1 ] Closed [ 6 ]
        Resolution Not A Problem [ 8 ]
        Hide
        Timothy Bish added a comment -

        See the ActiveMQ docs for information on securing the JMXConnector: http://activemq.apache.org/jmx.html

        Show
        Timothy Bish added a comment - See the ActiveMQ docs for information on securing the JMXConnector: http://activemq.apache.org/jmx.html
        Jeff Turner made changes -
        Project Import Fri Nov 26 22:32:02 EST 2010 [ 1290828722158 ]
        Bruce Snyder made changes -
        Fix Version/s AGING_TO_DIE [ 12187 ]
        Fix Version/s NEED_REVIEWED [ 12186 ]
        Component/s JMX [ 11761 ]
        Component/s Broker [ 10763 ]
        Bruce Snyder made changes -
        Fix Version/s AGING_TO_DIE [ 12187 ]
        Fix Version/s 5.4.0 [ 12110 ]
        Gary Tully made changes -
        Fix Version/s 5.3.0 [ 11914 ]
        Fix Version/s 5.4.0 [ 12110 ]
        Gary Tully made changes -
        Fix Version/s 5.2.0 [ 11841 ]
        Fix Version/s 5.3.0 [ 11914 ]
        Rob Davies made changes -
        Field Original Value New Value
        Fix Version/s 5.2.0 [ 11841 ]
        Christopher G. Stach II created issue -

          People

          • Assignee:
            Unassigned
            Reporter:
            Christopher G. Stach II
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development