Credentials for ActiveMQ/Jolokia/HawtIO through Java

Question

I know the default password for 5.9.0's HawtIO/Jolokia is set in the \conf\ folder and is

admin/admin system/manager etc

However, none of those password are working when trying to execute the restful commands through Java:

CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(null, -80), new UsernamePasswordCredentials("admin", "admin"));
CloseableHttpClient httpclient0 = HttpClients.custom().setDefaultCredentialsProvider(credsProvider).build();
URI uri0 = URI.create("http://localhost:8161/hawtio/auth/login/");
HttpGet httpget = new HttpGet(uri0);
HttpResponse r0 = httpclient0.execute(httpget);
System.out.println("Login form get: " + r0.getStatusLine());
for (Header h : r0.getAllHeaders())
  System.out.println(h.getName() + "/" + h.getValue());
HttpEntity entity = r0.getEntity();

InputStream is0 = entity.getContent();
String resp = IOUtils.toString(is0);
System.out.println("Response0: " + resp);

The following code just spits back a 403 Forbidden reply! I've tried many combinations of username and passwords.

Login form get: HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin/*
Content-Length/0
Server/Jetty(7.6.9.v20130131)

What works here?

I recall when running 5.8.0 that "admin/admin" worked, but I'd like to use 5.9.0 instead. It would be lame to back out of this version just because the username and password changed.

Further, which \conf file dictates this password...?

Answer 1

you've almost got it, you just need to POST to that URL instead of doing a GET. And you just set your username/password in the Authorization header. The authentication filter in hawtio avoids sending back a 401 as that makes the browser authentication prompt appear, hence why you don't see 401 returned instead.