I'd like to secure (via https) the JSR-160 communication which is used for going from the JMX proxy to the target server. Proxy code should handle client certificates. Requests forwarded with username/password in clear-text to the target server is a security limitation.
Regards