Print

[codemonkey]

Hello everyone!

I was wondering if anyone knows how to restrict what users can see in the admin console, as anyone can download the admin console, fire it up, and tear down grids at will. This is a big security issue in my mind. There is no way that I can see how to audit this either.

What can be done on the host machine so that you don't even see grid instances show up in the admin console when accessed from another machine?

If anyone has some suggestions I'd really appreciate it!

[lolo]

Hello,

Unfortunately, as you have noticed, there is cuurently nothing for access control in the admin console.
I have registered a feature request for this: 3474710 - Access control for management and monitoring

What can be done on the host machine so that you don't even see grid instances show up in the admin console when accessed from another machine?

It seems this could be achieved with a firewall, by blocking incoming connections to the JMX port ("jppf.management.port" property) from remote machines.

Sincerely,
-Laurent

[codemonkey]

Hey Laurent, thank you very much and sorry for the late reply.

Thank you for registering the feature request!

By blocking the jppf.management.port with a firewall, how does that effect the remote jppf.client's within applications that need to communicate with the driver(s)?

Thanks again!

[lolo]

Hello,

Blocking the management port will not impact the remote clients' ability to submit jobs and receive their results.
There will only be an impact on your client applications if they make programmatic use of the JMX-based APIs to manage/monitor the grid or the jobs (or for any other purpose).
Furthermore, your local administration console (not affected by the firewall) will still be able to monitor and manage the jobs submitted by these remote clients.

I hope this answers your question.

Sincerely,
-Laurent