GoogleCodeExporter
commented
9 years ago First, you can read this:
https://code.google.com/p/javamelody/wiki/UserGuideAdvanced#5._Security_with_a_c
ollect_server
Then, to secure the access to the collect server you have some options. For
example:
- use a Apache http server in front and secure in Apache
- or use Tomcat instead of the Winstone Servlet Container and secure in Tomcat
- or you can use a system property with a regexp of IP range in the collect
server like you can in the monitored webapp. For example:
-Djavamelody.allowed-addr-pattern=127\.0\.0\.1
- or you can add security-constraint in the WEB-INF/web.xml of the collect
server webapp as suggested by ChrisMyers at the bottom of this page:
https://code.google.com/p/javamelody/wiki/UserGuideAdvanced#5._Security_with_a_c
ollect_server
- or I have just added support of the authorized-users parameter in the collect
server. So, in the next release (1.53) you will be able to add the following
system property in the collect server:
-Djavamelody.authorized-users=user1:pwd1,user2:pwd2
If you need the last one now, you can download a snapshot from trunk there:
https://javamelody.ci.cloudbees.com/job/javamelody%20ant/lastSuccessfulBuild/art
ifact/javamelody.war
Is it OK and can we close this issue?Original comment by evernat@free.fr on 18 Sep 2014 at 10:50
Original issue reported on code.google.com by
josephar...@gmail.comon 10 Sep 2014 at 7:55