To me the solution is simple. Just add a JMX authenticator that passes the jconsole username and password through to our Authenticator. We could support additional auth mechanisms, but we are limited to whatever RMI gives us. We need a r3 based impl for that.