I'm sorry I interfered. Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His
Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-2508 jonmcalexan...@wellsfargo.com This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. > -----Original Message----- > From: Christopher Schultz <ch...@christopherschultz.net> > Sent: Monday, June 13, 2022 1:36 PM > To: dev@tomcat.apache.org > Subject: Re: Any interest in a read-only JMX role? > > Jon, > > On 6/13/22 13:43, jonmcalexan...@wellsfargo.com.INVALID wrote: > > That's great if you use the manager app, but we don't use it or even make it > available. > > Well... this /is/ a conversation about the JMXProxyServlet which is a part of > the Manager app. So either you have something to say (about > JMXProxyServlet) or you don't care about the whole discussion, right? > > :) > > -chris > > >> -----Original Message----- > >> From: Konstantin Kolinko <knst.koli...@gmail.com> > >> Sent: Monday, June 13, 2022 11:54 AM > >> To: Tomcat Developers List <dev@tomcat.apache.org> > >> Subject: Re: Any interest in a read-only JMX role? > >> > >> пн, 13 июн. 2022 г. в 19:32, Christopher Schultz > >> <ch...@christopherschultz.net>: > >>> > >>> All, > >>> > >>> I've been thinking about the possibility of making a read-only JMX > >>> role available for the existing manager-jmx capability. > >>> > >>> [...] > >>> > >>> Does anyone think this is a good idea? > >>> > >> > >> I think it is a bad idea, because passwords (and maybe other secrets) > >> are visible through JMX, by design. > >> > >> It might be worth to have some "status" role, but it has to be > >> defined more specifically than just a "view all" role. > >> > >> Maybe the way to achieve the same result is to amend the server > >> status page, which is already provided by the manager app and has a > >> dedicated role. > >> > >> Best regards, > >> Konstantin Kolinko. > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For > >> additional commands, e-mail: dev-h...@tomcat.apache.org > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For > > additional commands, e-mail: dev-h...@tomcat.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional > commands, e-mail: dev-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
