Setting up per-user or per-group security in JMX
Question
We are big fans of JMX in my company. We have instrumented pretty much everything.
This is great for developers and a hardcore of support people. But it has been too successful: we are now getting requests from other people to be able to view JMX and we don't want to let them have access to everything.
Is it possible to setup JMX with security policies to restrict users or groups of users to a limited number of beans, attributes and operations?
We are using the HtmlAdaptorServer but could use JConsole or VisualVM if these are more appropriate. Using Java 6 throughout.
thanks.
Solution
You can start with http://blogs.oracle.com/lmalventosa/entry/jmx_authentication_authorization
It is a very nice starting point for security in JMX. There are various use case scenarios discussed for different level of security in JMX.