developers

    Forum Stats

  • 3,874,066 Users
  • 2,266,672 Discussions
  • 7,911,719 Comments

Discussions

Can the Java management port be restricted to a specific network interface

Bill S
Bill S Member Posts: 16 Blue Ribbon
edited Feb 25, 2019 4:40PM in Java Mission Control

For security, is there a way to only enable the management console on a specific interface?

If I can restrict the listen port to localhost, then I'll know only admins with access to log into the server can access it.

Thanks,

Bill

Answers

  • Hirt-Oracle
    Hirt-Oracle Member Posts: 268
    edited Feb 25, 2019 4:40PM

    You typically do not want to run JMC on the same machine that you're monitoring, as you don't want to waste all those resources on your server. That said, you can simply start JMC and access the process over the local management agent (if JMC is run as the same effective user). If running as the same effective user is not an option, there is actually (since JDK9) a system property you can use to bind the remote agent to a specific host/interface: -Dcom.sun.management.jmxremote.host

    Good luck!

developers