How to enable/disable JMX console in CA Release Automation?

Document ID : KB000029126
Last Modified Date : 06/09/2018
Show Technical Document Details
Introduction:

By default, the JMX (mx4j) console is exposed on all installations (all components) of CA Release Automation via HTTP with only basic authentication, for ease of debugging purpose.

Default login/password for the console is nolio/nolio respectively.  You can access either of them via:

Server:
http://hostname:20203
Agent:
http://hostname:8282

This may not be acceptable in some environments due to security policies within the organization.
How to enable/disable JMX console in CA Release Automation? 

Environment:
CA Release Automation 5.5.1 onwards
Instructions:

Management Server

The JMX console on the Management Server can be disabled by removing the httpAdaptorMgr management bean from wrapperContext.xml:

1. Edit:

%RA_MANAGEMENT_SERVER_HOME%/webapps/datamanagement/WEB-INF/wrapperContext.xml

===================================================
<beans>
    <bean name="httpAdaptorMgr" class="com.nolio.platform.server.dataservices.services.jmx.HttpAdaptorMgr"

          autowire="constructor"/>

</beans>

===================================================

2. Remove the bean definitions that are marked in bold in the above snippets.

3. Restart the NolioServer service on the Management Server for the change to take effect.
    Windows - In Services.msc restart the 'Nolio Release Automation Server' service
     Linux - Go to the RA Home directory and run ./nolio_server.sh restart

 
Execution Server

The JMX console on the Management Server can be disabled by removing the exporter management bean from execution-servlet.xml :

1. Edit:

%RA_EXECUTION_SERVER_HOME%/webapps/execution/WEB-INF/execution-servlet.xml

===================================================

<beans>

<bean id="exporter" class="com.nolio.platform.server.dataservices.services.jmx.HttpAdaptorMgr" depends-on="propertyConfigurer"/>

</beans>

===================================================

2. Remove the bean definitions that are marked in bold in the above snippets.

3. Restart the NolioServer service on the Execution Server for the change to take effect.
    Windows - In Services.msc restart the 'Nolio Release Automation Server' service
     Linux - Go to the RA Home directory and run ./nolio_server.sh restart

       
Agent

Use one of the following methods to disable the JMX console on the agent.

1. Modify $AGENT_HOME/conf/nolio.jmx.properties, set the following properties and restart the agent service. (preferred)
DeployerJmxPort=0
DeployerJmxEnabled=false


2. Remove the HttpAdaptor MBean via WS GET call to JMX console, Ex:

GET http://nolio:nolio@host:8282/delete?objectname=HtmlAdaptor%3Atype%3Dhtmladapter%2Cport%3D8282

It is suggested to insert the above call into the agent startup script. 

​3. Add a simple FW rule on either windows(Windows firewall, etc)  or Linux(iptables, etc) to filter incoming TCP traffic dst port 8282.