HowTo: Configure JMX connection without authentication for Bitbucket Data Center
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Bitbucket Data Center allows Java Applications to use JMX without authentication. The ownership and permissions of the JMX access file are limited as mentioned here: JMX counters for performance monitoring. However, it is possible to achieve an unauthenticated connection by following the steps given in this article.
Environment
Tested successfully on Bitbucket Data Center version 8.19.2
Java Version: OpenJDK Runtime Environment Temurin-11.0.18+10 (build 11.0.18+10)
Solution
Connection to JMX without authentication:
- Complete the steps to set up JMX on the Bitbucket Server by following the knowledge base Enabling JMX counters for performance monitoring.
- This must include the creation of the jmx.access file and setting JMX_REMOTE_AUTH=password. Without this, Bitbucket will not enable the JMX.
Add the below Java options in the _start-webapp.sh file in the Bitbucket Installation Directory. Locate the JAVA_OPTS variable and add the given line just below the JAVA_OPTS line.
JAVA_OPTS="-Dcom.sun.management.jmxremote.authenticate=false ${JAVA_OPTS}"- Restart the Bitbucket Server and test the JMX connection without using the username and password. Only connect using host:port.
Comprehensive documentation is available from Oracle.
Please note
It is not recommended to disable authentication or SSL in *production* environments.