src/jdk.management.agent/share/conf/jmxremote.password.template
@@ -1,15 +1,16 @@
# ----------------------------------------------------------------------
# Template for jmxremote.password
#
# o Copy this template to jmxremote.password
# o Set the user/password entries in jmxremote.password
-# o Change the permission of jmxremote.password to read-only
-# by the owner.
+# o Change the permission of jmxremote.password to be accessible
+# only by the owner.
+# o The jmxremote.passwords file will be re-written by the server
+ to replace all plain text passwords with hashed passwords when
+ the file is read by the server.
#
-# See below for the location of jmxremote.password file.
-# ----------------------------------------------------------------------
##############################################################
# Password File for Remote JMX Monitoring
##############################################################
#
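Review bot: the two continuation lines added after "o The jmxremote.passwords file will be re-written by the server" ("+ to replace all plain text passwords ..." and "+ the file is read by the server.") are missing the leading "#". Since this template is meant to be copied verbatim to jmxremote.password and the file is parsed line by line as blank, comment or password entry, those two uncommented lines would be read as password entries (role "to" and role "the") rather than as text; prefix both with "# ". In the same bullet, "jmxremote.passwords" should be "jmxremote.password" to match the file name used everywhere else in the header.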
@@ -22,43 +23,82 @@
# Default location of this file is $JRE/conf/management/jmxremote.password
# You can specify an alternate location by specifying a property in
# the management config file $JRE/conf/management/management.properties
# or by specifying a system property (See that file for details).
-
##############################################################
-# File permissions of the jmxremote.password file
+# File format of the jmxremote.password file
##############################################################
-# Since there are cleartext passwords stored in this file,
-# this file must be readable by ONLY the owner,
-# otherwise the program will exit with an error.
#
-# The file format for password and access files is syntactically the same
-# as the Properties file format. The syntax is described in the Javadoc
-# for java.util.Properties.load.
-# Typical password file has multiple lines, where each line is blank,
+# The file contains multiple lines where each line is blank,
# a comment (like this one), or a password entry.
#
+# password entry follows below syntax
+# role_name W [clearPassword|hashedPassword]
+#
+# role_name is any string that does not itself contain spaces or tabs.
+# W = spaces or tabs
#
-# A password entry consists of a role name and an associated
-# password. The role name is any string that does not itself contain
-# spaces or tabs. The password is again any string that does not
-# contain spaces or tabs. Note that passwords appear in the clear in
-# this file, so it is a good idea not to use valuable passwords.
+# Passwords can be specified using clear text or via a hash. Clear text password
+# is any string that does not contain spaces or tabs. Hashed passwords must
+# follow the below format.
+# hashedPassword = base64_encoded_salt W base64_encoded_hash W hash_algorithm
+# where,
+# base64_encoded_hash = Hash_algorithm(password + salt)
+# W = spaces or tabs
+# hash_algorithm = Algorithm string specified using format below
+# https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#MessageDigest
+# MD5, SHA-1 and SHA-256 are supported algorithms.
+# This is an optional field. If not specified SHA-256 will be assumed.
+#
+# If passwords are in clear, they will be over-written by their hash if all of
+# the below criteria are met.
+# * com.sun.management.jmxremote.password.hashpasswords property is set to true in
+# management.properties file
+# * the password file is writable
+# * the system security policy allows writing into the password file, if a
+# security manager is configured
+#
+# In order to change password for a role, replace the hashed password entry
+# with the clear text password or the new hashed password. If the new password
+# is in clear, it will be replaced with its hash when a new login attempt is made.
#
# A given role should have at most one entry in this file. If a role
# has no entry, it has no access.
# If multiple entries are found for the same role name, then the last one
# is used.
#
-# In a typical installation, this file can be read by anybody on the
+# A user generated hashed password file can also be used instead of clear-text
+# password file. If generated by user, hashed passwords must follow
+# format specified above.
+
+##############################################################
+# File permissions of the jmxremote.password file
+##############################################################
+# This file must be made accessible by ONLY the owner,
+# otherwise the program will exit with an error.
+#
+# In a typical installation, this file can be accessed by anybody on the
# local machine, and possibly by people on other machines.
-# For # security, you should either restrict the access to this file,
+# For security, you should either restrict the access to this file except for owner,
# or specify another, less accessible file in the management config file
# as described above.
#
-# Following are two commented-out entries. The "measureRole" role has
-# password "QED". The "controlRole" role has password "R&D".
+
+##############################################################
+# Sample of the jmxremote.password file
+##############################################################
+# Following are two commented-out entries. The "monitorRole" role has
+# password "QED". The "controlRole" role has password "R&D". This is example
+# of specifying passwords in clear
#
# monitorRole QED
# controlRole R&D
+#
+# Once a login attempt is made, passwords will be hashed and the file will have
+# below entries with clear passwords overwritten by their respective
+# SHA-256 hash
+#
+# monitorRole 818kn2GKCT1IqMKnJhwtmow8v/9cv++8bJbhjO+ugX0= WqoaqEAVub/PenLY2wxLMLCdPRa+rFCWCWM0Zh/wR38= SHA-256
+# controlRole ALO98BOPW9rqvvtzzn7Lx7Q2uNWZdUf9PtY0g9aQ5lk= yobRA/4ygyJQTE2gEe4xQdYu7IexBHl0SSP9mEHFFhA= SHA-256
+#