7.7.2.1. Tomcat JMX for Windows
-
Edit
bin/setenv.bat
in the following way:set CATALINA_OPTS=%CATALINA_OPTS% ^ -Dcom.sun.management.jmxremote ^ -Djava.rmi.server.hostname=192.168.10.10 ^ -Dcom.sun.management.jmxremote.ssl=false ^ -Dcom.sun.management.jmxremote.port=7777 ^ -Dcom.sun.management.jmxremote.authenticate=true ^ -Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password ^ -Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access
Here, the
java.rmi.server.hostname
parameter should contain the actual IP address or the DNS name of the computer where the server is running;com.sun.management.jmxremote.port
sets the port for JMX tools connection. -
Edit the
conf/jmxremote.access
file. It should contain user names that will be connecting to the JMX and their access level. For example:admin readwrite
-
Edit the
conf/jmxremote.password
file. It should contain passwords for the JMX users, for example:admin admin
-
The password file should have reading permissions only for the user running the Tomcat. server. You can configure permissions the following way:
-
Open the command line and go to the conf folder
-
Run the command:`cacls jmxremote.password /P "domain_name\user_name":R`
where
domain_name\user_name
is the user’s domain and name -
After this command is executed, the file will be displayed as locked (with a lock icon) in Explorer.
-
-
If Tomcat is installed as a Windows service, then the service should be started on behalf of the user who has access permissions for jmxremote.password. It should be kept in mind that in this case the
bin/setenv.bat
file is ignored and the corresponding JVM startup properties should be specified in the application that configures the service.