This configuration is needed only if you are going to monitor Tomcat remotely. It is not needed if you are going to monitor it locally, using the same user that Tomcat runs with.
The Oracle website includes the list of options and how to configure JMX Remote on Java 6:http://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html.
The following is a quick configuration guide for Java 6:
Add the following parameters to setenv.bat script of your Tomcat.
Note: This syntax is for Microsoft Windows. The command has to be on the same line. It is wrapped to be more readable. If Tomcat is running as a Windows service, use its configuration dialog to set java options for the service. For un*xes remove “set ” from beginning of the line.
set CATALINA_OPTS=-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=%my.jmx.port%
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
- If you require authorization, add and change this:
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access
- edit the access authorization file $CATALINA_BASE/conf/jmxremote.access:
monitorRole readonly
controlRole readwrite
edit the password file $CATALINA_BASE/conf/jmxremote.password:
monitorRole tomcat
controlRole tomcat
Tip: The password file should be read-only and only accessible by the operating system user Tomcat is running as.
Note: The JSR 160 JMX-Adaptor opens a second data channel on a random port. That is a problem when you have a local firewall installed. To fix it, configure a JmxRemoteLifecycleListener, as described in listenersdocumentation.
