jmx:server

Security can be added using the environment property. Simple JMX security comes prepackaged as jmx:server-security. Note that the access file is an Oddjob specific access file. Oddjob requires full read/write access because it uses JMX operations and all JMX operation require full read/write access. Oddjob uses a JMX access format file but provides it's own primitive access control on top the JMX layer. Oddjob's access control removes an entire java interface from the client side proxy if any of it's methods are write. One affect of this is that a read only account can't access properties of the remote job with the ${server/remote-job} syntax because this functionality is provided by the same interface (BeanUtils DynaBean) that allows a remote job's properties to be written.

For more information on JMX Security see The JMX Tutorial.

This service will use the Platform MBeanServer if no url property is provided. Creating an unsecured Oddjob server on a private network can be achieved simply by launching Oddjob with a command line such as:

 java -Dcom.sun.management.jmxremote.port=nnnn \
 -Dcom.sun.management.jmxremote.ssl=false \
 -Dcom.sun.management.jmxremote.authenticate=false \
 -jar run-oddjob.jar -f my-config.xml
 

The server.xml Oddjob configration file in Oddjob's top level directory provides a simple Oddjob server that uses an RMI Registry.

More information on Oddjob servers can be found in the User Guide under 'Sharing Jobs on the Network'.

Property Summary

Example Summary

Property Detail

The address of this server. This is mainly useful for testing

An environment such as security settings.

Additional handler factories that allow any interface to be invoked from a remote Oddjob.

The log format for formatting log messages. For more information on the format please see http://logging.apache.org/log4j/docs/

A name, can be any text.

The root node.

The JMX service URL. If this is not provided the server connects to the Platform MBean Server.

Examples

Creating a server using the platform MBean Server.

<oddjob xmlns:jmx="http://rgordon.co.uk/oddjob/jmx">
  <job>
    <sequential>
      <jobs>
        <jmx:server root="${echo}"/>
        <echo id="echo">Hello from an Oddjob Server!</echo>
      </jobs>
    </sequential>
  </job>
</oddjob>

This is probably the simplest way to launch Oddjob as a server.

Here's an example of the command used to launch it:

 java -Dcom.sun.management.jmxremote.port=13013 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -jar C:\Users\rob\projects\oddjob\run-oddjob.jar -f C:\Users\rob\projects\oddjob\test\java\org\oddjob\jmx\PlatformMBeanServerExample.xml
 

Creating a server using an RMI registry.

<oddjob id="this">
    <job>
        <sequential>
            <jobs>
                <rmireg/>
                <jmx:server id="server1" root="${server-jobs}" url="service:jmx:rmi://ignored/jndi/rmi://localhost/freds-oddjob-server" xmlns:jmx="http://rgordon.co.uk/oddjob/jmx"/>
                <oddjob file="${this.dir}/ServerJobs.xml" id="server-jobs"/>
            </jobs>
        </sequential>
    </job>
</oddjob>

The nested Oddjob can be any normal Oddjob configuration. Here is the nested Oddjob used in some client examples. The greeting is in a folder because it will only be run from the client.

<oddjob>
    <job>
        <folder>
            <jobs>
                <echo id="greeting">Hello World</echo>
            </jobs>
        </folder>
    </job>
</oddjob>

Creating a secure server.

<jmx:server root="${some-job}" url="service:jmx:rmi://ignored/jndi/rmi://localhost/my-oddjob" xmlns:jmx="http://rgordon.co.uk/oddjob/jmx">
    <environment>
        <jmx:server-security>
            <passwordFile>
                <file file="C:\rob\java\jmx_examples\Security\simple\config\password.properties"/>
            </passwordFile>
        </jmx:server-security>
    </environment>
</jmx:server>