1 ##################################################################### 2 # Default Configuration File for Java Platform Management 3 ##################################################################### 4 # 5 # The Management Configuration file (in java.util.Properties format) 6 # will be read if one of the following system properties is set: 7 # -Dcom.sun.management.jmxremote.port=<port-number> 8 # or -Dcom.sun.management.snmp.port=<port-number> 9 # or -Dcom.sun.management.config.file=<this-file> 10 # 11 # The default Management Configuration file is: 12 # 13 # $JRE/lib/management/management.properties 14 # 15 # Another location for the Management Configuration File can be specified 16 # by the following property on the Java command line: 17 # 18 # -Dcom.sun.management.config.file=<this-file> 19 # 20 # If -Dcom.sun.management.config.file=<this-file> is set, the port 21 # number for the management agent can be specified in the config file 22 # using the following lines: 23 # 24 # ################ Management Agent Port ######################### 25 # 26 # For setting the JMX RMI agent port use the following line 27 # com.sun.management.jmxremote.port=<port-number> 28 # 29 # For setting the SNMP agent port use the following line 30 # com.sun.management.snmp.port=<port-number> 31 32 ##################################################################### 33 # Optional Instrumentation 34 ##################################################################### 35 # 36 # By default only the basic instrumentation with low overhead is on. 37 # The following properties allow to selectively turn on optional 38 # instrumentation which are off by default and may have some 39 # additional overhead. 40 # 41 # com.sun.management.enableThreadContentionMonitoring 42 # 43 # This option enables thread contention monitoring if the 44 # Java virtual machine supports such instrumentation. 45 # Refer to the specification for the java.lang.management.ThreadMBean 46 # interface - see isThreadContentionMonitoringSupported() method. 47 # 48 49 # To enable thread contention monitoring, uncomment the following line 50 # com.sun.management.enableThreadContentionMonitoring 51 52 ##################################################################### 53 # SNMP Management Properties 54 ##################################################################### 55 # 56 # If the system property -Dcom.sun.management.snmp.port=<port-number> 57 # is set then 58 # - The SNMP agent (with the Java virtual machine MIB) is started 59 # that listens on the specified port for incoming SNMP requests. 60 # - the following properties for read for SNMP management. 61 # 62 # The configuration can be specified only at startup time. 63 # Later changes to the above system property (e.g. via setProperty method), this 64 # config file, or the ACL file has no effect to the running SNMP agent. 65 # 66 67 # 68 # ##################### SNMP Trap Port ######################### 69 # 70 # com.sun.management.snmp.trap=<trap-destination-port-number> 71 # Specifies the remote port number at which managers are expected 72 # to listen for trap. For each host defined in the ACL file, 73 # the SNMP agent will send traps at <host>:<trap-destination-port-number> 74 # Default for this property is 162. 75 # 76 77 # To set port for sending traps to a different port use the following line 78 # com.sun.management.snmp.trap=<trap-destination-port-number> 79 80 # 81 # ################ SNMP listen interface ######################### 82 # 83 # com.sun.management.snmp.interface=<InetAddress> 84 # Specifies the local interface on which the SNMP agent will bind. 85 # This is useful when running on machines which have several 86 # interfaces defined. It makes it possible to listen to a specific 87 # subnet accessible through that interface. 88 # Default for this property is "localhost". 89 # 90 # The format of the value for that property is any string accepted 91 # by java.net.InetAddress.getByName(String). 92 # 93 94 # For restricting the port on which SNMP agent listens use the following line 95 # com.sun.management.snmp.interface=<InetAddress> 96 97 # 98 # #################### SNMP ACL file ######################### 99 # 100 # com.sun.management.snmp.acl=true|false 101 # Default for this property is true. (Case for true/false ignored) 102 # If this property is specified as false then the ACL file 103 # is not checked: all manager hosts are allowed all access. 104 # 105 106 # For SNMP without checking ACL file uncomment the following line 107 # com.sun.management.snmp.acl=false 108 109 # 110 # com.sun.management.snmp.acl.file=filepath 111 # Specifies location for ACL file 112 # This is optional - default location is 113 # $JRE/lib/management/snmp.acl 114 # 115 # If the property "com.sun.management.snmp.acl" is set to false, 116 # then this property and the ACL file are ignored. 117 # Otherwise the ACL file must exist and be in the valid format. 118 # If the ACL file is empty or non existent then no access is allowed. 119 # 120 # The SNMP agent will read the ACL file at startup time. 121 # Modification to the ACL file has no effect to any running SNMP 122 # agents which read that ACL file at startup. 123 # 124 125 # For a non-default acl file location use the following line 126 # com.sun.management.snmp.acl.file=filepath 127 128 ##################################################################### 129 # RMI Management Properties 130 ##################################################################### 131 # 132 # If system property -Dcom.sun.management.jmxremote.port=<port-number> 133 # is set then 134 # - A MBean server is started 135 # - JRE Platform MBeans are registered in the MBean server 136 # - RMI connector is published in a private readonly registry at 137 # specified port using a well known name, "jmxrmi" 138 # - the following properties are read for JMX remote management. 139 # 140 # The configuration can be specified only at startup time. 141 # Later changes to above system property (e.g. via setProperty method), 142 # this config file, the password file, or the access file have no effect to the 143 # running MBean server, the connector, or the registry. 144 # 145 146 # 147 # ########## RMI connector settings for local management ########## 148 # 149 # com.sun.management.jmxremote.local.only=true|false 150 # Default for this property is true. (Case for true/false ignored) 151 # If this property is specified as true then the local JMX RMI connector 152 # server will only accept connection requests from clients running on 153 # the host where the out-of-the-box JMX management agent is running. 154 # In order to ensure backwards compatibility this property could be 155 # set to false. However, deploying the local management agent in this 156 # way is discouraged because the local JMX RMI connector server will 157 # accept connection requests from any client either local or remote. 158 # For remote management the remote JMX RMI connector server should 159 # be used instead with authentication and SSL/TLS encryption enabled. 160 # 161 162 # For allowing the local management agent accept local 163 # and remote connection requests use the following line 164 # com.sun.management.jmxremote.local.only=false 165 166 # 167 # ###################### RMI SSL ############################# 168 # 169 # com.sun.management.jmxremote.ssl=true|false 170 # Default for this property is true. (Case for true/false ignored) 171 # If this property is specified as false then SSL is not used. 172 # 173 174 # For RMI monitoring without SSL use the following line 175 # com.sun.management.jmxremote.ssl=false 176 177 # com.sun.management.jmxremote.ssl.config.file=filepath 178 # Specifies the location of the SSL configuration file. A properties 179 # file can be used to supply the keystore and truststore location and 180 # password settings thus avoiding to pass them as cleartext in the 181 # command-line. 182 # 183 # The current implementation of the out-of-the-box management agent will 184 # look up and use the properties specified below to configure the SSL 185 # keystore and truststore, if present: 186 # javax.net.ssl.keyStore=<keystore-location> 187 # javax.net.ssl.keyStorePassword=<keystore-password> 188 # javax.net.ssl.trustStore=<truststore-location> 189 # javax.net.ssl.trustStorePassword=<truststore-password> 190 # Any other properties in the file will be ignored. This will allow us 191 # to extend the property set in the future if required by the default 192 # SSL implementation. 193 # 194 # If the property "com.sun.management.jmxremote.ssl" is set to false, 195 # then this property is ignored. 196 # 197 198 # For supplying the keystore settings in a file use the following line 199 # com.sun.management.jmxremote.ssl.config.file=filepath 200 201 # com.sun.management.jmxremote.ssl.enabled.cipher.suites=<cipher-suites> 202 # The value of this property is a string that is a comma-separated list 203 # of SSL/TLS cipher suites to enable. This property can be specified in 204 # conjunction with the previous property "com.sun.management.jmxremote.ssl" 205 # in order to control which particular SSL/TLS cipher suites are enabled 206 # for use by accepted connections. If this property is not specified then 207 # the SSL/TLS RMI Server Socket Factory uses the SSL/TLS cipher suites that 208 # are enabled by default. 209 # 210 211 # com.sun.management.jmxremote.ssl.enabled.protocols=<protocol-versions> 212 # The value of this property is a string that is a comma-separated list 213 # of SSL/TLS protocol versions to enable. This property can be specified in 214 # conjunction with the previous property "com.sun.management.jmxremote.ssl" 215 # in order to control which particular SSL/TLS protocol versions are 216 # enabled for use by accepted connections. If this property is not 217 # specified then the SSL/TLS RMI Server Socket Factory uses the SSL/TLS 218 # protocol versions that are enabled by default. 219 # 220 221 # com.sun.management.jmxremote.ssl.need.client.auth=true|false 222 # Default for this property is false. (Case for true/false ignored) 223 # If this property is specified as true in conjunction with the previous 224 # property "com.sun.management.jmxremote.ssl" then the SSL/TLS RMI Server 225 # Socket Factory will require client authentication. 226 # 227 228 # For RMI monitoring with SSL client authentication use the following line 229 # com.sun.management.jmxremote.ssl.need.client.auth=true 230 231 # com.sun.management.jmxremote.registry.ssl=true|false 232 # Default for this property is false. (Case for true/false ignored) 233 # If this property is specified as true then the RMI registry used 234 # to bind the RMIServer remote object is protected with SSL/TLS 235 # RMI Socket Factories that can be configured with the properties: 236 # com.sun.management.jmxremote.ssl.config.file 237 # com.sun.management.jmxremote.ssl.enabled.cipher.suites 238 # com.sun.management.jmxremote.ssl.enabled.protocols 239 # com.sun.management.jmxremote.ssl.need.client.auth 240 # If the two properties below are true at the same time, i.e. 241 # com.sun.management.jmxremote.ssl=true 242 # com.sun.management.jmxremote.registry.ssl=true 243 # then the RMIServer remote object and the RMI registry are 244 # both exported with the same SSL/TLS RMI Socket Factories. 245 # 246 247 # For using an SSL/TLS protected RMI registry use the following line 248 # com.sun.management.jmxremote.registry.ssl=true 249 250 # 251 # ################ RMI User authentication ################ 252 # 253 # com.sun.management.jmxremote.authenticate=true|false 254 # Default for this property is true. (Case for true/false ignored) 255 # If this property is specified as false then no authentication is 256 # performed and all users are allowed all access. 257 # 258 259 # For RMI monitoring without any checking use the following line 260 # com.sun.management.jmxremote.authenticate=false 261 262 # 263 # ################ RMI Login configuration ################### 264 # 265 # com.sun.management.jmxremote.login.config=<config-name> 266 # Specifies the name of a JAAS login configuration entry to use when 267 # authenticating users of RMI monitoring. 268 # 269 # Setting this property is optional - the default login configuration 270 # specifies a file-based authentication that uses the password file. 271 # 272 # When using this property to override the default login configuration 273 # then the named configuration entry must be in a file that gets loaded 274 # by JAAS. In addition, the login module(s) specified in the configuration 275 # should use the name and/or password callbacks to acquire the user's 276 # credentials. See the NameCallback and PasswordCallback classes in the 277 # javax.security.auth.callback package for more details. 278 # 279 # If the property "com.sun.management.jmxremote.authenticate" is set to 280 # false, then this property and the password & access files are ignored. 281 # 282 283 # For a non-default login configuration use the following line 284 # com.sun.management.jmxremote.login.config=<config-name> 285 286 # 287 # ################ RMI Password file location ################## 288 # 289 # com.sun.management.jmxremote.password.file=filepath 290 # Specifies location for password file 291 # This is optional - default location is 292 # $JRE/lib/management/jmxremote.password 293 # 294 # If the property "com.sun.management.jmxremote.authenticate" is set to 295 # false, then this property and the password & access files are ignored. 296 # Otherwise the password file must exist and be in the valid format. 297 # If the password file is empty or non-existent then no access is allowed. 298 # 299 300 # For a non-default password file location use the following line 301 # com.sun.management.jmxremote.password.file=filepath 302 303 # 304 # ################ RMI Access file location ##################### 305 # 306 # com.sun.management.jmxremote.access.file=filepath 307 # Specifies location for access file 308 # This is optional - default location is 309 # $JRE/lib/management/jmxremote.access 310 # 311 # If the property "com.sun.management.jmxremote.authenticate" is set to 312 # false, then this property and the password & access files are ignored. 313 # Otherwise, the access file must exist and be in the valid format. 314 # If the access file is empty or non-existent then no access is allowed. 315 # 316 317 # For a non-default password file location use the following line 318 # com.sun.management.jmxremote.access.file=filepath 319 # 320 321 # ################ Management agent listen interface ######################### 322 # 323 # com.sun.management.jmxremote.host=<host-or-interface-name> 324 # Specifies the local interface on which the JMX RMI agent will bind. 325 # This is useful when running on machines which have several 326 # interfaces defined. It makes it possible to listen to a specific 327 # subnet accessible through that interface. 328 # 329 # The format of the value for that property is any string accepted 330 # by java.net.InetAddress.getByName(String). 331 # 332
