Security can be added using the environment property. Simple JMX security comes
prepackaged as jmx:server-security. Note that the access file is
an Oddjob specific access file. Oddjob requires full read/write access because
it uses JMX operations and all JMX operation require full read/write access.
Oddjob uses a JMX access format file but provides it's own primitive access
control on top the JMX layer. Oddjob's access control removes an entire java
interface from the client side proxy if any of it's methods are write.
One affect of this is that a read only account can't access properties of
the remote job with the ${server/remote-job} syntax because this functionality
is provided by the same interface (BeanUtils DynaBean) that allows
a remote job's properties to be written.
For more information on JMX Security see The JMX Tutorial.
| address | |
| arooaSession | |
| environment | An environment such as security settings. |
| handlerFactories | Additional handler factories that allow any interface to be invoked from a remote Oddjob. |
| logFormat | The log format for formatting log messages. |
| name | A name, can be any text. |
| root | The root node. |
| url | The JMX service URL. |
| Example 1 | Creating a server. |
| Example 2 | Creating a secure server. |
| Access | READ_ONLY |
| Configured By | ELEMENT |
| Access | WRITE_ONLY |
| Configured By | ELEMENT |
| Access | READ_WRITE |
| Required | No. |
An environment such as security settings.
| Configured By | ELEMENT |
| Access | READ_WRITE |
| Required | No. |
Additional handler factories that allow any interface to be invoked from a remote Oddjob.
| Configured By | ATTRIBUTE |
| Access | READ_WRITE |
| Required | No. |
The log format for formatting log messages. For more information on the format please see http://logging.apache.org/log4j/docs/
| Configured By | ATTRIBUTE |
| Access | READ_WRITE |
| Required | No. |
A name, can be any text.
| Configured By | ATTRIBUTE |
| Access | READ_WRITE |
| Required | Yes. |
The root node.
| Configured By | ATTRIBUTE |
| Access | READ_WRITE |
| Required | No. If none is provided the server connects to the Platform MBean Server. |
The JMX service URL.
Creating a server.
<oddjob id="this">
<job>
<sequential>
<jobs>
<rmireg/>
<jmx:server id="server1" root="${server-jobs}" url="service:jmx:rmi://ignored/jndi/rmi://localhost/freds-oddjob-server" xmlns:jmx="http://rgordon.co.uk/oddjob/jmx"/>
<oddjob file="${this.dir}/ServerJobs.xml" id="server-jobs"/>
</jobs>
</sequential>
</job>
</oddjob>
The nested Oddjob can be any normal Oddjob configuration. Here is the
nested Oddjob used in some client examples. The greeting is in
a folder because it will only be run from the client.
<oddjob>
<job>
<folder>
<jobs>
<echo id="greeting">Hello World</echo>
</jobs>
</folder>
</job>
</oddjob>
Creating a secure server.
<jmx:server root="${some-job}" url="service:jmx:rmi://ignored/jndi/rmi://localhost/my-oddjob" xmlns:jmx="http://rgordon.co.uk/oddjob/jmx">
<environment>
<jmx:server-security>
<passwordFile>
<file file="C:\rob\java\jmx_examples\Security\simple\config\password.properties"/>
</passwordFile>
</jmx:server-security>
</environment>
</jmx:server>