Start tomcat with custom JMX properties
Answered
I want to start a Local Tomcat configuration with the following VM options:
-Dcom.sun.management.jmxremote=
-Dcom.sun.management.jmxremote.port=8086
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.password.file=$PATH_TO_PASSWORD_FILE
however, on startup I get the following output:
INFO: Command line argument: -Dcom.sun.management.jmxremote=
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.port=8086
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.authenticate=true
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.ssl=false
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.password.file=PATH TO THE FILE GOES HERE
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote=
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.port=1099
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.ssl=false
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Dcom.sun.management.jmxremote.authenticate=false
Mar 22, 2019 20:10:04 org.apache.catalina.startup.VersionLoggerListener log
INFO: Command line argument: -Djava.rmi.server.hostname=127.0.0.1
How can I prevent my settings from being overwritten?
Please sign in to leave a comment.
You can't override it when using Tomcat integration, these arguments are hardcoded.
I remember that previously it was possible. Why did you break it and when will you return it back? Our application uses com.sun.management.jmxremote.password.file to provide custom properties. Now it is not possible and idea is useless for our development!
The fix was implemented to address the possible security vulnerability.
To restore the behavior of the previous IDE versions you can add -Djavaee.jmxremote.authenticate=false in Help | Edit Custom VM Options and restart IntelliJ IDEA.
Note that in this case IntelliJ IDEA will administer Tomcat via the unsecured JMX connection which is a security vulnerability, potentially allowing remote code execution.
It seems to work. Thank you.
The -Djavaee.jmxremote.authenticate=false option no longer works in version 2020.3.
The only work around I have found that works is by adding -Dcom.sun.management.jmxremote.authenticate=false to the VM Options of the tomcat execution config. This was suggested https://youtrack.jetbrains.com/issue/IDEA-134779#focus=Comments-27-2891301.0-0
@...
I've updated IDEA from version 2020.2 right away to version 2021.1 and faced this issue but the mentioned workaround didn't work. Do you know about a working solution for 2021.1 version?
@...
I added your feedback to IDEA-134779 and asked the responsible developer to provide an update.
See this article if you are not familiar with YouTrack.
@...
Any updates on this?
Olnexia
Not yet. Voting for IDEA-134779 is the best way to bring more attention to the issue.