Access Management

MBean monitoring (legacy)

This functionality is labeled as legacy.

You can configure AM to let you access a web based view of AM MBeans on port 8082 where the core server runs, such as http://openam.example.com:8082/. Either use the console (Configure > Global Services > Monitoring), or use the ssoadm command:

$ ssoadm \
set-attr-defs \
--servicename iPlanetAMMonitoringService \
--schematype Global \
--adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \
--password-file /tmp/pwd.txt \
--attributevalues iplanet-am-monitoring-http-enabled=true

The default authentication file lets you authenticate over HTTP as user demo, password Ch4ng31t. The user name and password are kept in the file specified, with the password encrypted:

$ cat openam/security/openam_mon_auth
demo AQICMBCKlwx6G3vzK3TYYRbtTpNYAagVIPNP

You can encrypt a new password using the ampassword command. After changing the authentication file, you must restart AM for the changes to take effect.

You can monitor an instance through a web browser.
Figure 1. MBeans in a browser