javaapache-camelhawtio

Unable to connect to remote server from Hawtio dashboard

I have a camel web application running on remote-server-1 which is a tomcat 8 server. I have attached a jolokia jvm agent on this tomcat as follows-

java -jar jolokia-jvm-1.3.5-agent.jar start <PID>

I get the following response on my local machine by accessing http://remote-server-1:port/jolokia-

{
    "request": {
        "type": "version"
    },
    "value": {
        "agent": "1.3.5",
        "protocol": "7.2",
        "config": {
            "maxDepth": "15",
            "discoveryEnabled": "true",
            "maxCollectionSize": "0",
            "agentId": "***.***.***.**-16224-35a7a114-jvm",
            "debug": "false",
            "agentType": "jvm",
            "historyMaxEntries": "10",
            "agentContext": "\/jolokia",
            "maxObjects": "0",
            "debugMaxEntries": "100"
        },
        "info": {
            "product": "tomcat",
            "vendor": "Apache",
            "version": "8.0.35"
        }
    },
    "timestamp": 1491307702,
    "status": 200
}

I also have hawtio.war deployed on my local-tomcat8.5. When I try to connect to this remote agent, I am redirected to login page. I am not able to figure out where am I going wrong. Can anyone help me with this?

Solution

  • From 2.10.1 on: Use hawtio.proxyAllowlist instead of hawtio.proxyWhitelist. (Thanks rastadrian for pointing it out.)

    Since hawtio 1.5.0 you need to add remote hosts to the hawtio.proxyWhitelist system property.

    http://hawt.io/docs/configuration/#configuration-properties

    hawtio.proxyWhitelist - Comma-separated whitelist for target hosts that the hawtio-jmx Connect plugin can connect to via ProxyServlet (default localhost, 127.0.0.1). All hosts that are not listed in this whitelist are denied to connect for security reasons. This option can be set to * to restore old behavior and whitelist all hosts. Prefixing an element of the list with "r:" allows to define a regexp (example: localhost,r:myservers[0-9]+.mydomain.com)

    If you are using hawtio.war then modify its WEB-INF/web.xml like this:

      <servlet>
    <servlet-name>jolokia-proxy</servlet-name>
    <servlet-class>io.hawt.web.ProxyServlet</servlet-class>
    <!--
      Comma-separated list of allowed target hosts. It is required for security.
      '*' allows all hosts but keep in mind it's vulnerable to security attacks.
    -->
    <init-param>
      <param-name>proxyWhitelist</param-name>
      <param-value>
        localhost,
        127.0.0.1,
        remote-server-1
      </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>