Java management extensions (JMX)
If you are interested in internal metrics like JVM or web server statistics, you can use Java Management Extensions (JMX). JMX is a Java technology for monitoring and managing devices, applications, and service-driven networks. For more information please refer to the JMX documentation.
For security reasons Airlock IAM has JMX disabled by default for remote monitoring and management.
However for the SCA, you can enable JMX for remote access for example by setting the following VM options:
java.rmi.server.hostname=192.168.1.10 com.sun.management.jmxremote.port=8999 com.sun.management.jmxremote.ssl=false com.sun.management.jmxremote.authenticate=false
In this example, you would accept JMX RMI connections on IP address 192.168.1.10 and port 8999 without Secure Sockets Layer (SSL) and authentication.
Then you could connect with jconsole to Airlock IAM using the following connection string:
service:jmx:rmi:///jndi/rmi://192.168.1.10:8999/jmxrmi
We strongly advice using SSL and authentication in production. Please refer to the JMX documentation for how to setup SSL and authentication.
For Docker, you can enable JMX for example with slightly different VM options:
java.rmi.server.hostname=0.0.0.0 com.sun.management.jmxremote.rmi.port=8999 com.sun.management.jmxremote.port=8999 com.sun.management.jmxremote.ssl=false com.sun.management.jmxremote.authenticate=false
With jconsole you could then use the following connection string to connect to Airlock IAM:
service:jmx:rmi:///jndi/rmi://localhost:8999/jmxrmi
Enable JMX in instance.properties
There are several ways to pass these four VM options to Airlock IAM.
However the easiest way to enable JMX, is to set the property iam.java.opts in instance.properties like this:
iam.java.opts = -Djava.rmi.server.hostname=192.168.1.10 -Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
This will enable JMX for remote access as described in the SCA example above.