In some Java-based application server environments, a static data structure referred to as a Management Information Base (MIB) is used to describe the different Java beans that the application server exposes. Managed beans (often referred to as MBeans, or custom MBeans) can be created and used by an administrator or application server “customer” to manage applications or services which have been recently deployed onto the application server. In some instances this management can be performed using a network-manager, the Simple Network Management Protocol (SNMP), and one or more SNMP Agents.
However, the network-manager and the SNMP Agent which are associated with a particular application server generally cannot recognize the custom MBeans as SNMP managed resources. A consequence of this is that the network-manager cannot monitor or control custom MBeans, and the attributes which the custom MBeans expose cannot be used within the application server.
Another feature of some Java-based application server environments is that server monitoring information can be exposed through a Java Management Extensions (JMX) interface. JMX provides layered tools and interfaces for managing and monitoring applications, including those deployed on an application server. A JMX layer can receive monitoring information from a MBean server. Within a particular domain, a network-manager's SNMP Agent communicates with other agents in the domain to share information.
Additionally, in a traditional application server, a single SNMP Agent runs within an application server instance, and a network-manager is used to provide a limited view of the domain at a given moment in time. However, generally the network-manager is not continually communicating with managed servers in the domain and in the event of a configuration change at runtime, the application server must be restarted to update the managed servers with the change. Moreover, in many cases the network-manager is either not running or not present on the application server. In these instances, the network-manager may not be able to monitor and communicate with several of the other managed servers on the same domain.
Furthermore, current SNMP protocol standards specify security features that use community strings, which in turn are transmitted as plain text. Because of this, sensitive application server configuration and runtime information can be easily exposed to attackers.
In addition to these nuisances, security aspects such as authentication and privacy must be configured individually for each SNMP Agent on a managed server. Configuring the network-manager to communicate with the agents on the managed servers is a cumbersome task if the domain contains many managed servers.
These and other aspects of server management are areas that embodiments of the present invention are designed to address.