Jolokia v1.5.0 Release Notes

Release Date: 2018-02-08 // almost 4 years ago
    • Restrict allowed mime types to text/plain and application/json for the response.
    • 🔒 Because of security reasion, the JSR-160 proxy mode is disabled by default int the Java EE agent. It can be enabled via web.xml configuration, a system property or an environment variable. In addition it is now possible to configure a whitelist with patterns which are allowed as targets in the proxy mode. See the reference manual section on "Proxy mode" for details.
    • 🆕 New authMode service-any and service-all to allow to lookup an org.jolokia.osgi.security.Authenticator used for authentication. Note that this class has been changed from an abstract base class to an interface for ease of customization.