当JMX从JConsole监视Tomcat时,java.lang.SecurityException
[英]java.lang.SecurityException when JMX monitor Tomcat from JConsole
问题描述
The scenario is simple. 
场景很简单。 I'm trying to monitor from my local workstation (Mac OS 10.9) a remote server (Ubuntu 12.04) that's running Tomcat 7.0.54 where my Spring Java app is deployed. 我正在尝试从我的本地工作站(Mac OS 10.9)监视一个运行Tomcat 7.0.54的远程服务器(Ubuntu 12.04) ,我的部署了Spring Java应用程序。
JVM hotspot 64bit "1.7.0_51" is used in both server and workstation. 服务器和工作站都使用JVM热点64位“1.7.0_51” 。
THE STEPS 步骤
Configure Tomcat's JmxRemoteLifecycleListener to fix ports (server.xml)
配置Tomcat的JmxRemoteLifecycleListener来修复端口(server.xml) <Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener" rmiRegistryPortPlatform="9940" rmiServerPortPlatform="9941" />Copy catalina-jmx-remote.jar into CATALINA_HOME/lib
将catalina-jmx-remote.jar复制到CATALINA_HOME / lib中 Open ports sudo iptables -L
打开端口sudo iptables -L ACCEPT tcp -- anywhere anywhere tcp dpt:9940 ACCEPT tcp -- anywhere anywhere tcp dpt:9941setenv.sh
setenv.sh IP=`ifconfig eth0 | grep 'inet '| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`; export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.local.only=false -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=$IP -Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password -Dcom.sun.management.jmxremote.access.file=$CATALINA_BASE/conf/jmxremote.access -Dcom.sun.management.jmxremote.ssl=false"IP gets resolved to host's internal ip address, say 10.239.94.133.
IP被解析为主机的内部IP地址,比如10.239.94.133。 Start Tomcat and check netstat -nap |
启动Tomcat并检查netstat -nap | grep java grep java tcp6 0 0 :::9940 :::* LISTEN 6538/java tcp6 0 0 :::9941 :::* LISTEN 6538/javaUp to here it all seems to indicate the setup is correct.
到目前为止,这一切似乎表明设置是正确的。 I can telnet my remote host to both ports and I can see Tomcat(6538) listening to those ports. 我可以将我的远程主机telnet到两个端口,我可以看到Tomcat(6538)正在监听这些端口。 From my local host jconsole -debug and connect to remote process
从我的本地主机jconsole -debug并连接到远程进程 service:jmx:rmi://PUBLIC-IP:9941/jndi/rmi://PUBLIC-IP:9940/jmxrmi
THE PROBLEM 问题
java.lang.SecurityException: Expecting a javax.rmi.ssl.SslRMIClientSocketFactory RMI client socket factory in stub!
at javax.management.remote.rmi.RMIConnector.checkStub(RMIConnector.java:1881)
at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:295)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:268)
at sun.tools.jconsole.ProxyClient.tryConnect(ProxyClient.java:370)
at sun.tools.jconsole.ProxyClient.connect(ProxyClient.java:313)
at sun.tools.jconsole.VMPanel$2.run(VMPanel.java:292)
Is there anything I've missed? 有什么我错过的吗? I'm running in circles with this :-/ Thanks for your help. 我正在用这个圈子跑: - /感谢你的帮助。
1 个解决方案
解决方案1
3 已采纳
IP gets resolved to host's internal ip address, say 10.239.94.133.
That was the problem. 那就是问题所在。 The fix is actually to set 修复实际上是设置
-Djava.rmi.server.hostname=server.public.ip.address
You still get the same error in JConsole (with -debug option) but disregard it and click on 'insecure' button to continue and your are in :) 你仍然在JConsole中得到相同的错误(使用-debug选项)但忽略它并点击'insecure'按钮继续你的所在:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.