I have a Java server. I want to be able to connect to it with a JMX client. I do this:

```java
JMXServiceURL jmxUrl = new JMXServiceURL(null, null, JMX_PORT);
JMXConnectorServer jmxRemoteServer;
jmxRemoteServer = JMXConnectorServerFactory.newJMXConnectorServer(jmxUrl, jmxEnvironment, server);
jmxRemoteServer.start();
```

This works. I can fire up JConsole and connect to JMX_PORT on my machine and pretty graphs show up.

There is a problem. This causes the JMX server to bind to JMX_PORT on all interfaces. I want to have it bind to 127.0.0.1 only. Otherwise, it is a security concern for me.

According to the documentation, `JMXServiceURL jmxUrl = new JMXServiceURL(null,null,config.getJmxRemotePort());` should create a JMXServiceURL with the default protocol (jmxmp) and localhost. I have tried giving it "127.0.0.1" explicitly as an address to bind to, and it did not work either.

Java's JMX server binds to all IP addresses, and refuses to bind to 127.0.0.1 only.

A: 

Run this code:

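```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;

public class LocalHostInfo {
  public static void main(String[] args) {
    try {
      // What the JVM resolves as "the local host"
      InetAddress local = InetAddress.getLocalHost();
      System.out.println("Host address: " + local.getHostAddress());
      System.out.println("Host name: " + local.getHostName());
      System.out.println("Canonical host name: " + local.getCanonicalHostName());
      // getAddress() returns byte[]; format it instead of printing the array reference
      System.out.println("Address: " + Arrays.toString(local.getAddress()));
    } catch (UnknownHostException e) {
      e.printStackTrace();
    }
  }
}
```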

If you pass null as the host argument, the class uses `InetAddress.getLocalHost().getHostName()`. For me at least it doesn't return "127.0.0.1"; it uses my machine's name, which actually seems wrong based on the description (this is not my loopback address). That address is usable by other machines. What happens when you try:

```java
JMXServiceURL jmxUrl = new JMXServiceURL("http", "127.0.0.1", JMX_PORT);
```

or:

```java
JMXServiceURL jmxUrl = new JMXServiceURL(null, "127.0.0.1", JMX_PORT);
```

If not supplied, the protocol defaults to "jmxmp".

cletus
@cletus - my reading of the javadoc for `InetAddress.getLocalHost()` is that the method returns the local machine's hostname/IP normally, and only returns the loopback IP if the security manager says "No!".
Stephen C
@Stephen: that would be my reading too but run the little program I pasted above. It's returning the machine's name and DHCP address not the loopback address.
cletus
@cletus - you misunderstand me. I'm saying that I'd NOT expect it to return the loopback address ... normally! Otherwise, why would the javadoc include the last sentence about the loopback address at all?
Stephen C
I don't think this is the problem, as providing "127.0.0.1" as the second parameter to the JMXServiceURL constructor also results in JMX binding to all available interfaces. I have mitigated this by filtering the port in iptables, but would feel more comfortable if JMX was not bound to the port on the public interface in the first place.