Java JMX Client Example - JMX Authentication

In last tutorial we learned about JMX Basics and how can we use JConsole to manage MBeans. Today we will look into java jmx client example and role based authentication through config files.

Java JMX Client

Although JConsole provides a graphical view but it requires human effort to work with MBean and not suitable where you want to invoke some features of MBean periodically. For example, you have a MBean that provides the current state of application and you want to invoke it to check the state every 10 minutes. In this case, having a java program that can work as JMX Client to connect to JMX MBean server and invoke MBean operations are very useful.

JMX Client Example

Here we will write a java program that can connect to MBean server and create a proxy application to invoke MBean operations. I will use the MBean application created in JMX Tutorial and use our client program to connect to MBean. Later on we will check how to make our MBean server secure using JMX Configuration files for role based access and how we can use credentials in the JMX Client to connect to MBean server with correct role.

Before writing JMX Client application, we need to know the port where MBean server is running. Also for starter, we will disable all the authentication. We can do all these by passing correct java options.

So I will start my MBean with following command. Notice the java options specified for MBean server port and disabling SSL and authentication.


For client application to get the MBean proxy, first we need to create JMXServiceURL by passing the RMI host and port.

After that we have to get the JMXConnector instance using it’s factory class.

After that we get MBeanServerConnection from the JMXConnector instance.

After that we get MBean proxy instance using MBeanServerInvocationHandler.

Once we get the proxy instance, we can invoke any operation exposed by the MBean.

Java JMX Client Example Program

Here is the complete JMX Client program that connects to the MBean server and get the SystemConfig MBean proxy instance and invoke exposed methods.

Before running the client application, make sure our MBean application is started with command given at start of the post.
When we will execute client application, it will print following to console.

If you will check terminal where our MBean application is running, you will find following output before program terminates.

So now we know how to write JMX Client program that can connect to remote MBean server and create MBean proxy to use attributes and operations exposed by MBean.

JMX Role Based Authentication

Let’s start configuring our MBean for role based authentication. For this we need to create three files.

  1. JMX Access File: This file contains the roles and access associated with the roles. The access types are readonly or readwrite. For our purpose, create jmxremote.access file with following content.jmxremote.access

    So the role is “myrole” and it has readwrite access to the MBeans.
  2. JMX Password File: This file contains the password of the different roles we have, the password are cleartext, so Java adds a restriction that only application owner should have read-write access on the file.Create a file jmxremote.password with following content.jmxremote.password

    After file is created change permission using command chmod 600 jmxremote.password.
  3. JMX Management Config File: This file contains the JMX properties like port, authentication rules, SSL etc. Create a file with following

    Notice the file path given for access file and password file.

Once all the required files are we will start our JMX MBean application with following command.

Now if you will try to run our JMX Client application, it will throw following exception.

The exception message clearly shows that we need to provide credentials to access the JMX MBean. To provide credentials we need to add following code to our client program.

Notice the constructor is changed to provide credentials while connecting to JMX MBean server. Now the program will run fine and produce same output as earlier.

That’s all for Java JMX Client example and JMX authentication for role based access.

By admin

Leave a Reply

%d bloggers like this: