"Fossies" - the Fresh Open Source Software Archive

Member "UNICORE-Client-7.4.1/jre_1.8.192/lib/management/jmxremote.access" (23 Oct 2018, 3998 Bytes) of package /windows/misc/UNICORE_Client-7.4.1-win32.win32.x86.zip:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 ######################################################################
    2 #     Default Access Control File for Remote JMX(TM) Monitoring
    3 ######################################################################
    4 #
    5 # Access control file for Remote JMX API access to monitoring.
    6 # This file defines the allowed access for different roles.  The
    7 # password file (jmxremote.password by default) defines the roles and their
    8 # passwords.  To be functional, a role must have an entry in
    9 # both the password and the access files.
   10 #
   11 # The default location of this file is $JRE/lib/management/jmxremote.access
   12 # You can specify an alternate location by specifying a property in 
   13 # the management config file $JRE/lib/management/management.properties
   14 # (See that file for details)
   15 #
   16 # The file format for password and access files is syntactically the same
   17 # as the Properties file format.  The syntax is described in the Javadoc
   18 # for java.util.Properties.load.
   19 # A typical access file has multiple lines, where each line is blank,
   20 # a comment (like this one), or an access control entry.
   21 #
   22 # An access control entry consists of a role name, and an
   23 # associated access level.  The role name is any string that does not
   24 # itself contain spaces or tabs.  It corresponds to an entry in the
   25 # password file (jmxremote.password).  The access level is one of the
   26 # following:
   27 #       "readonly" grants access to read attributes of MBeans.
   28 #                   For monitoring, this means that a remote client in this
   29 #                   role can read measurements but cannot perform any action
   30 #                   that changes the environment of the running program.
   31 #       "readwrite" grants access to read and write attributes of MBeans,
   32 #                   to invoke operations on them, and optionally
   33 #                   to create or remove them. This access should be granted
   34 #                   only to trusted clients, since they can potentially
   35 #                   interfere with the smooth operation of a running program.
   36 #
   37 # The "readwrite" access level can optionally be followed by the "create" and/or
   38 # "unregister" keywords.  The "unregister" keyword grants access to unregister
   39 # (delete) MBeans.  The "create" keyword grants access to create MBeans of a
   40 # particular class or of any class matching a particular pattern.  Access
   41 # should only be granted to create MBeans of known and trusted classes.
   42 #
   43 # For example, the following entry would grant readwrite access
   44 # to "controlRole", as well as access to create MBeans of the class
   45 # javax.management.monitor.CounterMonitor and to unregister any MBean:
   46 #  controlRole readwrite \
   47 #              create javax.management.monitor.CounterMonitorMBean \
   48 #              unregister
   49 # or equivalently:
   50 #  controlRole readwrite unregister create javax.management.monitor.CounterMBean
   51 #
   52 # The following entry would grant readwrite access as well as access to create
   53 # MBeans of any class in the packages javax.management.monitor and
   54 # javax.management.timer:
   55 #  controlRole readwrite \
   56 #              create javax.management.monitor.*,javax.management.timer.* \
   57 #              unregister
   58 #
   59 # The \ character is defined in the Properties file syntax to allow continuation
   60 # lines as shown here.  A * in a class pattern matches a sequence of characters
   61 # other than dot (.), so javax.management.monitor.* matches
   62 # javax.management.monitor.CounterMonitor but not
   63 # javax.management.monitor.foo.Bar.
   64 #
   65 # A given role should have at most one entry in this file.  If a role
   66 # has no entry, it has no access.
   67 # If multiple entries are found for the same role name, then the last
   68 # access entry is used.
   69 #
   70 #
   71 # Default access control entries:
   72 # o The "monitorRole" role has readonly access.  
   73 # o The "controlRole" role has readwrite access and can create the standard
   74 #   Timer and Monitor MBeans defined by the JMX API.
   75 
   76 monitorRole   readonly
   77 controlRole   readwrite \
   78               create javax.management.monitor.*,javax.management.timer.* \
   79               unregister