Some JVMs include built-in support for JMX password authentication.
For example, with the Oracle Java Development Kit (JDK), authentication is enabled by default, and it is possible to specify a properties file that contains usernames and passwords. The properties file syntax is the same as for other Java properties files.
For example, you could create a password file called jmxremote.password:
## Defining two "roles", each with its own password monitorRole derbym controlRole derby
The security of the password file relies on your file system's access control mechanisms. The file must be readable by the owner only. Also, you may need to change the permissions on the password file to be readable only by the user who starts the server. To do this on Windows (NTFS), use a command like the following:
cacls jmxremote.password /P username:R
The following example starts the Network Server on the command line with built-in JMX password authentication enabled. SSL is disabled, meaning that JMX information, including user names and passwords most likely will be transferred unprotected on the computer network. The command line appears on multiple lines to improve readability, but you would enter it as a single java command.
java -Dcom.sun.management.jmxremote.port=9999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.password.file=jmxremote.password -jar lib/derbyrun.jar server start