By default, the JMX (mx4j) console is exposed on all installations (all components) of CA Release Automation via HTTP with only basic authentication, for ease of debugging purpose.
Default login/password for the console is nolio/nolio respectively. You can access either of them via:
Server:
http://hostname:20203
Agent:
http://hostname:8282
This may not be acceptable in some environments due to security policies within the organization.
How to enable/disable JMX console in CA Release Automation?
CA Release Automation 5.5.1 onwards
Management Server
The JMX console on the Management Server can be disabled by removing the httpAdaptorMgr management bean from wrapperContext.xml:
1. Edit:
%RA_MANAGEMENT_SERVER_HOME%/webapps/datamanagement/WEB-INF/wrapperContext.xml
===================================================
<beans>
<bean name="httpAdaptorMgr" class="com.nolio.platform.server.dataservices.services.jmx.HttpAdaptorMgr"
autowire="constructor"/>
</beans>
===================================================
2. Remove the bean definitions that are marked in bold in the above snippets.
3. Restart the NolioServer service on the Management Server for the change to take effect.
Windows - In Services.msc restart the 'Nolio Release Automation Server' service
Linux - Go to the RA Home directory and run ./nolio_server.sh restart
The JMX console on the Management Server can be disabled by removing the exporter management bean from execution-servlet.xml :
1. Edit:
%RA_EXECUTION_SERVER_HOME%/webapps/execution/WEB-INF/execution-servlet.xml
===================================================
<beans>
<bean id="exporter" class="com.nolio.platform.server.dataservices.services.jmx.HttpAdaptorMgr" depends-on="propertyConfigurer"/>
</beans>
===================================================
2. Remove the bean definitions that are marked in bold in the above snippets.
3. Restart the NolioServer service on the Execution Server for the change to take effect.
Windows - In Services.msc restart the 'Nolio Release Automation Server' service
Linux - Go to the RA Home directory and run ./nolio_server.sh restart
Agent
Use one of the following methods to disable the JMX console on the agent.
1. Modify $AGENT_HOME/conf/nolio.jmx.properties, set the following properties and restart the agent service. (preferred)
DeployerJmxPort=0
DeployerJmxEnabled=false
2. Remove the HttpAdaptor MBean via WS GET call to JMX console, Ex:
GET http://nolio:nolio@host:8282/delete?objectname=HtmlAdaptor%3Atype%3Dhtmladapter%2Cport%3D8282
It is suggested to insert the above call into the agent startup script.
3. Add a simple FW rule on either windows(Windows firewall, etc) or Linux(iptables, etc) to filter incoming TCP traffic dst port 8282.