AnsweredAssumed Answered

JMX on WebSphere 8.0 with global security

Question asked by beb4ch on Feb 20, 2014
Latest reply on Feb 20, 2014 by mike_cook

I'm using CA APM 9.5.1.0. We recently had a problem with one of our applications and have realised that it would be helpful to collect certain JMX metrics. We use WebSphere 8.0.0.2 with global security enabled (production system, no way to disable). I have followed the guides to turn on JMX metrics collection but I can only see a very small subset of the available JMX metrics.

This is what I have in my IntroscopeAgent.profile

introscope.agent.jmx.enable=true
introscope.agent.jmx.name.jsr77.disable=false  (tried true just for fun, no change)
introscope.agent.jmx.name.filter=
introscope.agent.jmx.excludeStringMetrics=true

As I said, I see some JMX metrics, but not all... For the ones I am actually interested in I can see errors like this in the System.out log file:

[20.02.14. 12:44:51:401 CET] 00000022 RoleBasedAuth A   SECJ0305I: The role-based authorization check failed for admin-authz operation CacheStatistics:getOnDiskHits.  The user UNAUTHENTICATED (unique ID: unauthenticated) was not granted any of the following required roles: deployer, operator, configurator, monitor, administrator, adminsecuritymanager, auditor.
 
It looks like APM agent is unable to retrieve JMX values because of security. But why? Has anybody seen something like this? 
 
Any help would be appreciated...
 

Outcomes