1 28 package net.sf.jguard.ext.java5.authentication.jmx; 29 30 import java.io.IOException ; 31 import java.net.MalformedURLException ; 32 import java.rmi.RemoteException ; 33 import java.rmi.registry.LocateRegistry ; 34 import java.util.ArrayList ; 35 import java.util.Arrays ; 36 import java.util.HashMap ; 37 import java.util.List ; 38 import java.util.Map ; 39 import java.util.logging.Logger ; 40 41 import javax.management.MBeanServer ; 42 import javax.management.MBeanServerFactory ; 43 import javax.management.remote.JMXConnectorServer ; 44 import javax.management.remote.JMXConnectorServerFactory ; 45 import javax.management.remote.JMXServiceURL ; 46 import javax.management.remote.MBeanServerForwarder ; 47 import javax.management.remote.rmi.RMIConnectorServer ; 48 import javax.security.auth.login.Configuration ; 49 50 import net.sf.jguard.core.authorization.policy.AccessControllerUtils; 51 import net.sf.jguard.ext.SecurityConstants; 52 53 57 public class JMXHelper { 58 59 private static final String COM_SUN_JNDI_RMI_REGISTRY_REGISTRY_CONTEXT_FACTORY = "com.sun.jndi.rmi.registry.RegistryContextFactory"; 60 private static final Logger logger = Logger.getLogger(JMXHelper.class.getName()); 61 private static final String JAVA_NAMING_FACTORY_INITIAL = "java.naming.factory.initial"; 62 63 public static void enableJMXSecurity(String applicationName,Map opts,Configuration configuration,AccessControllerUtils authorizationUtils) { 64 String mbeanServerForConnector = (String )opts.get(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR); 66 67 MBeanServer mbs = null; 68 if(mbeanServerForConnector==null ||mbeanServerForConnector==""||"new".equals(mbeanServerForConnector)){ 69 mbs = MBeanServerFactory.createMBeanServer(applicationName); 70 logger.info("Starting JMX Server ..."); 71 }else if(mbeanServerForConnector.startsWith("position#")){ 72 mbeanServerForConnector = mbeanServerForConnector.substring(0, 9); 75 int position = Integer.parseInt(mbeanServerForConnector); 76 ArrayList mbeanServers = MBeanServerFactory.findMBeanServer(null); 79 mbs = (MBeanServer )mbeanServers.get(position); 80 81 }else{ 82 List tokens = Arrays.asList(mbeanServerForConnector.split("#")); 87 String mbeanServerName = (String )tokens.get(0); 88 String position = null; 89 if(tokens.size()>=2){ 90 position = (String )tokens.get(1); 91 }else{ 92 position ="0"; 93 } 94 ArrayList mbeanServers = MBeanServerFactory.findMBeanServer(mbeanServerName); 95 96 mbs = (MBeanServer )mbeanServers.get(Integer.parseInt(position)); 97 98 } 99 String rmiRegistryHost=SecurityConstants.DEFAULT_RMI_REGISTRY_HOST; 100 if(opts.get(SecurityConstants.RMI_REGISTRY_HOST)!=null){ 101 rmiRegistryHost=(String )opts.get(SecurityConstants.RMI_REGISTRY_HOST); 102 } 103 104 int rmiRegistryPort=SecurityConstants.DEFAULT_RMI_REGISTRY_PORT; 105 if(opts.get(SecurityConstants.RMI_REGISTRY_PORT)!=null){ 106 try{ 107 rmiRegistryPort=Integer.parseInt((String )opts.get(SecurityConstants.RMI_REGISTRY_PORT)); 108 }catch(NumberFormatException e){ 109 logger.warning("RmiRegistry port in web.xml is not a number. Using default."); 110 } 111 } 112 113 try{ 114 LocateRegistry.createRegistry(rmiRegistryPort); 116 118 }catch(RemoteException e){ 119 logger.severe("Could not found rmiRegistry : "+e.getMessage()); 120 } 121 122 String serviceURL = "service:jmx:rmi://localhost/jndi/rmi://"+rmiRegistryHost+":"+rmiRegistryPort+"/"+applicationName; 123 JMXServiceURL url=null; 124 try { 125 url=new JMXServiceURL (serviceURL); 126 } catch (MalformedURLException e) { 127 logger.severe("MalformedURLException : "+e); 128 } 129 logger.info("JMX Server URL : "+url.toString()); 130 131 JGuardJMXAuthenticator jmxAuthenticator= null; 132 133 if(configuration==null){ 135 jmxAuthenticator=new JGuardJMXAuthenticator(applicationName,Thread.currentThread().getContextClassLoader()); 136 }else{ 137 jmxAuthenticator=new JGuardJMXAuthenticator(applicationName,Thread.currentThread().getContextClassLoader(),configuration); 138 } 139 140 Map options=new HashMap (); 141 options.put(JMXConnectorServer.AUTHENTICATOR,jmxAuthenticator); 142 options.put(JAVA_NAMING_FACTORY_INITIAL,JMXHelper.COM_SUN_JNDI_RMI_REGISTRY_REGISTRY_CONTEXT_FACTORY); 143 options.put(RMIConnectorServer.JNDI_REBIND_ATTRIBUTE,"true"); 144 try { 145 JMXConnectorServer connectorServer= JMXConnectorServerFactory.newJMXConnectorServer(url,options,mbs); 146 147 if(authorizationUtils.getAccessController()!=null){ 149 MBeanServerForwarder msf = new MBeanServerGuard(authorizationUtils.getAccessController()); 151 connectorServer.setMBeanServerForwarder(msf); 152 } 153 connectorServer.start(); 154 } catch (IOException e) { 155 logger.severe("IOException : "+e); 156 } 157 158 } 159 160 } 161 | Popular Tags |