Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Summary:
Currently there are number of options that must be configured for the JMX Console to correctly connect, if these values are not set or correct then the connection will fail.
However, the broker will provide the console with sufficient detail to auto-negotiate the connection.
QPID-1504 highlights that if we connect using the RMI connector but the server is configured for JMXMP then we can tell.
If we connect using JMXMP using SASL/CRAM-MD5 but the server wants SASL/PLAIN then we can tell as the exception is:
java.io.IOException: The server supported profiles [SASL/PLAIN] do not match the client required profiles [SASL/CRAM-MD5].
We can use this information to swap Sasl mechanism in the console and try again.
This would mean that the end user would not have to reconfigure or have multiple start scripts lying about so they could connect to a number of difference brokers using different mechanisms.
Looking at the private class ConnectorThread in JMXServerRegistry along with the createSASLConnector and the constructor show that the security mechanism is hard coded but could using the above method be derived from the broker's response and handled appropriately if the ConnectorThread and createSASLConnector where better architected to take advantaged of the exceptions returned from the JMXConnectorFactory.connect method