JMXConnector(Factory) using different username than providedDifferences between HashMap and Hashtable?What is the difference between public, protected, package-private and private in Java?Difference between StringBuilder and StringBufferDifference between wait() and sleep()What is the difference between JDK and JRE?Difference between HashMap, LinkedHashMap and TreeMapWhat's the difference between @Component, @Repository & @Service annotations in Spring?Why is processing a sorted array faster than processing an unsorted array?No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?Why is printing “B” dramatically slower than printing “#”?
Golf (6-card) Golf!
How can this Stack Exchange site have an animated favicon?
what should be done first, handling missing data or dealing with data types?
A famous scholar sent me an unpublished draft of hers. Then she died. I think her work should be published. What should I do?
Quick Yajilin Puzzles: Scatter and Gather
Can I see the total amount of my crafting materials?
What exactly did this mechanic sabotage on the American Airlines 737, and how dangerous was it?
Averting Bathos
Is there a recurrence relation which has no closed formula?
Does every piano need tuning every year?
A food item only made possible by time-freezing storage?
A file manager to open a zip file like opening a folder, instead of extract it by using a archive manager
Is it impolite to ask for an in-flight catalogue with no intention of buying?
Hangman Game (YAHG)
What is the difference between an astronaut in the ISS and a freediver in perfect neutral buoyancy?
1, 2, 4, 8, 16, ... 33?
Fuel sender works when outside of tank, but not when in tank
Do we have any particular tonal center in mind when we are NOT listening music?
Is it impolite to ask for halal food when traveling to and in Thailand?
Should the average user with no special access rights be worried about SMS-based 2FA being theoretically interceptable?
Is the mass of paint relevant in rocket design?
practicality of 30 year fix mortgage at 55 years of age
I am 15 years old and do not go to a Yeshiva but would like to learn Talmud. A few rabbis near me said they could teach me. How should I start
Clear text passwords in Unix
JMXConnector(Factory) using different username than provided
Differences between HashMap and Hashtable?What is the difference between public, protected, package-private and private in Java?Difference between StringBuilder and StringBufferDifference between wait() and sleep()What is the difference between JDK and JRE?Difference between HashMap, LinkedHashMap and TreeMapWhat's the difference between @Component, @Repository & @Service annotations in Spring?Why is processing a sorted array faster than processing an unsorted array?No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?Why is printing “B” dramatically slower than printing “#”?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
We have some code that runs:
JMXConnectorFactory.connect(domainServiceURL, hashTable);
"hashtable" includes the following contents (and 3 timeout values, excluded here):
Hashtable<String, Object> hashTable = new Hashtable<String, Object>();
hashTable.put(WLContext.SECURITY_PRINCIPAL, username);
hashTable.put(WLContext.SECURITY_CREDENTIALS, password);
hashTable.put(WLContext.SECURITY_PROTOCOL, "ssl");
hashTable.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
Where username is, let's say, "ADMIN_USER".
Under many circumstances, this code works. However, after running through a specific code path (too much to paste) it throws the following exception:
java.io.IOException: User USER2/GROUP1/GROUP2/ROLE1/ROLE2 does not have access to the administrator port.
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:244)
at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:120)
at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:369)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:267)
...
Note, I have confirmed with log statements that in both cases, we are still passing ADMIN_USER in to the connect method. But, the exception instead refers to USER2.
I was given advice that certain system properties may be picked up by Weblogic code and change how it acts, but I have also compared System.getenv() both when it's working and when it's not and found no differences. Also note, USER2 is in the keystore ssl.properties file, but I don't see any sort of SSL variable being set that would make the connect method use that in one case but not the other.
I also tried using JMXConnector.CREDENTIALS instead of the 2 properties above, and no change.
It seems something is overriding (or adding to) the credentials being provided to the connect method. But, as I mentioned, the code path that makes this happen is pretty extensive, so perhaps someone knows what exact sort of thing might override the login credentials?
java ssl weblogic jmx
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
add a comment
|
We have some code that runs:
JMXConnectorFactory.connect(domainServiceURL, hashTable);
"hashtable" includes the following contents (and 3 timeout values, excluded here):
Hashtable<String, Object> hashTable = new Hashtable<String, Object>();
hashTable.put(WLContext.SECURITY_PRINCIPAL, username);
hashTable.put(WLContext.SECURITY_CREDENTIALS, password);
hashTable.put(WLContext.SECURITY_PROTOCOL, "ssl");
hashTable.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
Where username is, let's say, "ADMIN_USER".
Under many circumstances, this code works. However, after running through a specific code path (too much to paste) it throws the following exception:
java.io.IOException: User USER2/GROUP1/GROUP2/ROLE1/ROLE2 does not have access to the administrator port.
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:244)
at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:120)
at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:369)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:267)
...
Note, I have confirmed with log statements that in both cases, we are still passing ADMIN_USER in to the connect method. But, the exception instead refers to USER2.
I was given advice that certain system properties may be picked up by Weblogic code and change how it acts, but I have also compared System.getenv() both when it's working and when it's not and found no differences. Also note, USER2 is in the keystore ssl.properties file, but I don't see any sort of SSL variable being set that would make the connect method use that in one case but not the other.
I also tried using JMXConnector.CREDENTIALS instead of the 2 properties above, and no change.
It seems something is overriding (or adding to) the credentials being provided to the connect method. But, as I mentioned, the code path that makes this happen is pretty extensive, so perhaps someone knows what exact sort of thing might override the login credentials?
java ssl weblogic jmx
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36
add a comment
|
We have some code that runs:
JMXConnectorFactory.connect(domainServiceURL, hashTable);
"hashtable" includes the following contents (and 3 timeout values, excluded here):
Hashtable<String, Object> hashTable = new Hashtable<String, Object>();
hashTable.put(WLContext.SECURITY_PRINCIPAL, username);
hashTable.put(WLContext.SECURITY_CREDENTIALS, password);
hashTable.put(WLContext.SECURITY_PROTOCOL, "ssl");
hashTable.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
Where username is, let's say, "ADMIN_USER".
Under many circumstances, this code works. However, after running through a specific code path (too much to paste) it throws the following exception:
java.io.IOException: User USER2/GROUP1/GROUP2/ROLE1/ROLE2 does not have access to the administrator port.
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:244)
at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:120)
at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:369)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:267)
...
Note, I have confirmed with log statements that in both cases, we are still passing ADMIN_USER in to the connect method. But, the exception instead refers to USER2.
I was given advice that certain system properties may be picked up by Weblogic code and change how it acts, but I have also compared System.getenv() both when it's working and when it's not and found no differences. Also note, USER2 is in the keystore ssl.properties file, but I don't see any sort of SSL variable being set that would make the connect method use that in one case but not the other.
I also tried using JMXConnector.CREDENTIALS instead of the 2 properties above, and no change.
It seems something is overriding (or adding to) the credentials being provided to the connect method. But, as I mentioned, the code path that makes this happen is pretty extensive, so perhaps someone knows what exact sort of thing might override the login credentials?
java ssl weblogic jmx
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
We have some code that runs:
JMXConnectorFactory.connect(domainServiceURL, hashTable);
"hashtable" includes the following contents (and 3 timeout values, excluded here):
Hashtable<String, Object> hashTable = new Hashtable<String, Object>();
hashTable.put(WLContext.SECURITY_PRINCIPAL, username);
hashTable.put(WLContext.SECURITY_CREDENTIALS, password);
hashTable.put(WLContext.SECURITY_PROTOCOL, "ssl");
hashTable.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
Where username is, let's say, "ADMIN_USER".
Under many circumstances, this code works. However, after running through a specific code path (too much to paste) it throws the following exception:
java.io.IOException: User USER2/GROUP1/GROUP2/ROLE1/ROLE2 does not have access to the administrator port.
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:244)
at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:120)
at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:369)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:267)
...
Note, I have confirmed with log statements that in both cases, we are still passing ADMIN_USER in to the connect method. But, the exception instead refers to USER2.
I was given advice that certain system properties may be picked up by Weblogic code and change how it acts, but I have also compared System.getenv() both when it's working and when it's not and found no differences. Also note, USER2 is in the keystore ssl.properties file, but I don't see any sort of SSL variable being set that would make the connect method use that in one case but not the other.
I also tried using JMXConnector.CREDENTIALS instead of the 2 properties above, and no change.
It seems something is overriding (or adding to) the credentials being provided to the connect method. But, as I mentioned, the code path that makes this happen is pretty extensive, so perhaps someone knows what exact sort of thing might override the login credentials?
java ssl weblogic jmx
java ssl weblogic jmx
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
edited Mar 28 at 18:05
user1410910
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
asked Mar 28 at 17:33
user1410910user1410910
5703 silver badges11 bronze badges
5703 silver badges11 bronze badges
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36
add a comment
|
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36
add a comment
|
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55403731%2fjmxconnectorfactory-using-different-username-than-provided%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55403731%2fjmxconnectorfactory-using-different-username-than-provided%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
In multi-threaded context, be sure to ALWAYS close your JNDI context. Some security information are stored by weblogic in local threads and can lead to such confusion when jndi contexts are not correctly closed by the client.
– Emmanuel Collin
Mar 29 at 9:36