CODEWITHSUNDEEP
javaapache-camelhawtio
Abhishek
Abhishek

Reputation: 717

Unable to connect to remote server from Hawtio dashboard

I have a camel web application running on remote-server-1 which is a tomcat 8 server. I have attached a jolokia jvm agent on this tomcat as follows-

java -jar jolokia-jvm-1.3.5-agent.jar start <PID>

I get the following response on my local machine by accessing http://remote-server-1:port/jolokia-

{
    "request": {
        "type": "version"
    },
    "value": {
        "agent": "1.3.5",
        "protocol": "7.2",
        "config": {
            "maxDepth": "15",
            "discoveryEnabled": "true",
            "maxCollectionSize": "0",
            "agentId": "***.***.***.**-16224-35a7a114-jvm",
            "debug": "false",
            "agentType": "jvm",
            "historyMaxEntries": "10",
            "agentContext": "\/jolokia",
            "maxObjects": "0",
            "debugMaxEntries": "100"
        },
        "info": {
            "product": "tomcat",
            "vendor": "Apache",
            "version": "8.0.35"
        }
    },
    "timestamp": 1491307702,
    "status": 200
}

I also have hawtio.war deployed on my local-tomcat8.5. When I try to connect to this remote agent, I am redirected to login page. I am not able to figure out where am I going wrong. Can anyone help me with this?

Upvotes: 6

Views: 10594

Answers (2)

Tadayoshi Sato
Tadayoshi Sato

Reputation: 1766

From 2.10.1 on: Use hawtio.proxyAllowlist instead of hawtio.proxyWhitelist. (Thanks rastadrian for pointing it out.)

Since hawtio 1.5.0 you need to add remote hosts to the hawtio.proxyWhitelist system property.

http://hawt.io/docs/configuration/#configuration-properties

hawtio.proxyWhitelist - Comma-separated whitelist for target hosts that the hawtio-jmx Connect plugin can connect to via ProxyServlet (default localhost, 127.0.0.1). All hosts that are not listed in this whitelist are denied to connect for security reasons. This option can be set to * to restore old behavior and whitelist all hosts. Prefixing an element of the list with "r:" allows to define a regexp (example: localhost,r:myservers[0-9]+.mydomain.com)

If you are using hawtio.war then modify its WEB-INF/web.xml like this:

  <servlet>
    <servlet-name>jolokia-proxy</servlet-name>
    <servlet-class>io.hawt.web.ProxyServlet</servlet-class>
    <!--
      Comma-separated list of allowed target hosts. It is required for security.
      '*' allows all hosts but keep in mind it's vulnerable to security attacks.
    -->
    <init-param>
      <param-name>proxyWhitelist</param-name>
      <param-value>
        localhost,
        127.0.0.1,
        remote-server-1
      </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>

Upvotes: 15

JanTheGun
JanTheGun

Reputation: 2213

If you are using the runnable JAR version of Hawtio you can pass the parameter hawtio.proxyWhitelist also when starting the application:

java -Dhawtio.proxyWhitelist=SERVERNAME -jar hawtio-app-1.5.3.jar

Upvotes: 16

Related Questions