Configuring Management Users
The Qpid Java broker has a single source of users for the system.
So a user can connect to the broker to send messages and via the
JMX console to check the state of the broker.
Adding
a new management user
The broker does have some minimal configuration available to
limit which users can connect to the JMX console and what they
can do when they are there.
There are two steps required to add a new user with rights for
the JMX console.
Create a new user login, see HowTo:
Grant the new user permission to the JMX Console
Granting
JMX Console Permissions
By default new users do not have access to the JMX console. The
access to the console is controlled via the file
jmxremote.access.
This file contains a mapping from user to privilege.
There are three privileges available:
readonly - The user is able to log in and view queues but not
make any changes.
readwrite - Grants user ability to read and write queue
attributes such as alerting values.
admin - Grants the user full access including ability to edit
Users and JMX Permissions in addition to readwrite access.
This file is read at start up and can forcibly be reloaded by an
admin user through the management console.