The JDK's forgotten JMX protocol: A return to JMXMP
Information on the revival of the JMXMP protocol and its advantages for Java engineers.
Java engineers often encounter the RMI-based JMX protocol when connecting with JConsole or JDK Mission Control. However, the JMXMP protocol allows for a more straightforward connection with a single socket and TLS support. Although seemingly abandoned since 2008, it has been revived with the new release of druva-lib-jmxmp 2.0.0, which incorporates security measures and a modular structure.
The new JMXMP mandates TLS and SASL authentication, enhancing security and allowing for the identification of each connection. This is crucial for tracking who made changes in production environments. Additionally, a filtering mechanism for deserialization has been implemented, along with improved authorization processes. As a result, the JMXMP protocol is being re-evaluated as a secure and effective management tool for modern Java applications.