Invalid Users can Connect a JMX Client using SOAP Protocol to WebSphere Application Server
 Technote (troubleshooting)
 
Problem (Abstract)
Why can a JMX client program that uses an invalid user make a connection to IBM® WebSphere® Application Server?
 
Cause
The SOAP protocol and the WebSphere Application Server design do not authenticate the user when the connection is made to the WebSphere Application Server process. As a result, an invalid user can connect and listen for JMX notifications in WebSphere Application Server. However, when a WebSphere MBean is called, the user is validated for authorization before the WebSphere Application Server task is issued.
 
Resolving the problem
Please talk with your IBM account rep to open a feature request to change this design.

Note: RMI does authenticate the user when connecting to the process.
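The following client is an added example, not code from IBM or from this technote: it connects over the RMI connector, which authenticates at connect time, and makes one MBean call before handing the connection back, so a connection is never treated as proof of a valid user. It assumes the WebSphere admin client libraries are on the classpath, that the client's SSL and SAS settings come from the usual client property files, and that the class name, the `connectVerified` helper and the choice of the `state` attribute are illustrative.

```java
import java.util.Properties;
import javax.management.ObjectName;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminClientFactory;
public class VerifiedAdminConnect {

    // Host, port, user and password are caller-supplied, not from the technote.
    static Properties connectorProps(String type, String host, String port,
                                     String user, String password) {
        Properties p = new Properties();
        p.setProperty(AdminClient.CONNECTOR_TYPE, type);
        p.setProperty(AdminClient.CONNECTOR_HOST, host);
        p.setProperty(AdminClient.CONNECTOR_PORT, port);
        p.setProperty(AdminClient.CONNECTOR_SECURITY_ENABLED, "true");
        p.setProperty(AdminClient.USERNAME, user);
        p.setProperty(AdminClient.PASSWORD, password);
        return p;
    }

    // Returns a client only after the server has actually checked the user.
    static AdminClient connectVerified(Properties props) throws Exception {
        // RMI: an invalid user is rejected by this call.
        // SOAP: this call can succeed even for an invalid user.
        AdminClient client = AdminClientFactory.createAdminClient(props);
        // Assumption: reading "state" on the Server MBean counts as an MBean
        // call, so it triggers the check when the connection is SOAP.
        ObjectName server = client.getServerMBean();
        client.getAttribute(server, "state");
        return client;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3 || System.console() == null) {
            System.err.println("usage: VerifiedAdminConnect <host> <rmi-port> <user>");
            System.exit(2);
        }
        char[] pw = System.console().readPassword("Password for %s: ", args[2]);
        Properties props = connectorProps(AdminClient.CONNECTOR_TYPE_RMI,
                args[0], args[1], args[2], new String(pw));
        try {
            connectVerified(props);
            System.out.println("Connected; credentials were accepted.");
        } catch (Exception e) {
            System.err.println("Rejected or unreachable: " + e);
            System.exit(1);
        }
    }
}
```

Passing `AdminClient.CONNECTOR_TYPE_SOAP` and the SOAP port to the same helper still fails for an invalid user, but only at the MBean call rather than at `createAdminClient`.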

 
 
Cross Reference information
Segment: Application Servers
Product: Runtimes for Java Technology
Component: Java SDK
Platform:
Version:
Edition:
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Application Client
Operating system(s): AIX
Software version: 6.0
Software edition:
Reference #: 1199322
IBM Group: Software Group
Modified date: Oct 21, 2008