use of java.rmi.server.RMIServerSocketFactory in project ofbiz-framework by apache.
the class RmiServiceContainer method start.
public boolean start() throws ContainerException {
// get the container config
ContainerConfig.Configuration cfg = ContainerConfig.getConfiguration(containerName, configFile);
ContainerConfig.Configuration.Property initialCtxProp = cfg.getProperty("use-initial-context");
ContainerConfig.Configuration.Property lookupHostProp = cfg.getProperty("bound-host");
ContainerConfig.Configuration.Property lookupPortProp = cfg.getProperty("bound-port");
ContainerConfig.Configuration.Property lookupNameProp = cfg.getProperty("bound-name");
ContainerConfig.Configuration.Property delegatorProp = cfg.getProperty("delegator-name");
ContainerConfig.Configuration.Property clientProp = cfg.getProperty("client-factory");
ContainerConfig.Configuration.Property serverProp = cfg.getProperty("server-factory");
// check the required lookup-name property
if (lookupNameProp == null || UtilValidate.isEmpty(lookupNameProp.value)) {
throw new ContainerException("Invalid lookup-name defined in container configuration");
} else {
this.name = lookupNameProp.value;
}
// check the required delegator-name property
if (delegatorProp == null || UtilValidate.isEmpty(delegatorProp.value)) {
throw new ContainerException("Invalid delegator-name defined in container configuration");
}
String useCtx = initialCtxProp == null || initialCtxProp.value == null ? "false" : initialCtxProp.value;
String host = lookupHostProp == null || lookupHostProp.value == null ? "localhost" : lookupHostProp.value;
String port = lookupPortProp == null || lookupPortProp.value == null ? "1099" : lookupPortProp.value;
if (Start.getInstance().getConfig().portOffset != 0) {
Integer portValue = Integer.valueOf(port);
portValue += Start.getInstance().getConfig().portOffset;
port = portValue.toString();
}
String keystore = ContainerConfig.getPropertyValue(cfg, "ssl-keystore", null);
String ksType = ContainerConfig.getPropertyValue(cfg, "ssl-keystore-type", "JKS");
String ksPass = ContainerConfig.getPropertyValue(cfg, "ssl-keystore-pass", null);
String ksAlias = ContainerConfig.getPropertyValue(cfg, "ssl-keystore-alias", null);
boolean clientAuth = ContainerConfig.getPropertyValue(cfg, "ssl-client-auth", false);
// setup the factories
RMIClientSocketFactory csf = null;
RMIServerSocketFactory ssf = null;
// get the classloader
ClassLoader loader = Thread.currentThread().getContextClassLoader();
// load the factories
if (clientProp != null && UtilValidate.isNotEmpty(clientProp.value)) {
try {
Class<?> c = loader.loadClass(clientProp.value);
csf = (RMIClientSocketFactory) c.newInstance();
} catch (Exception e) {
throw new ContainerException(e);
}
}
if (serverProp != null && UtilValidate.isNotEmpty(serverProp.value)) {
try {
Class<?> c = loader.loadClass(serverProp.value);
ssf = (RMIServerSocketFactory) c.newInstance();
} catch (Exception e) {
throw new ContainerException(e);
}
}
// set the client auth flag on our custom SSL socket factory
if (ssf != null && ssf instanceof org.apache.ofbiz.service.rmi.socket.ssl.SSLServerSocketFactory) {
((org.apache.ofbiz.service.rmi.socket.ssl.SSLServerSocketFactory) ssf).setNeedClientAuth(clientAuth);
((org.apache.ofbiz.service.rmi.socket.ssl.SSLServerSocketFactory) ssf).setKeyStoreAlias(ksAlias);
if (keystore != null) {
((org.apache.ofbiz.service.rmi.socket.ssl.SSLServerSocketFactory) ssf).setKeyStore(keystore, ksType, ksPass);
}
}
// get the delegator for this container
Delegator delegator = DelegatorFactory.getDelegator(delegatorProp.value);
// create the LocalDispatcher
LocalDispatcher dispatcher = ServiceContainer.getLocalDispatcher(name, delegator);
// create the RemoteDispatcher
try {
remote = new RemoteDispatcherImpl(dispatcher, csf, ssf);
} catch (RemoteException e) {
throw new ContainerException("Unable to start the RMI dispatcher", e);
}
if (!"true".equalsIgnoreCase(useCtx)) {
// bind RMIDispatcher to RMI Naming (Must be JRMP protocol)
try {
Naming.rebind("//" + host + ":" + port + "/" + name, remote);
} catch (RemoteException e) {
throw new ContainerException("Unable to bind RMIDispatcher to RMI on " + "//host[" + host + "]:port[" + port + "]/name[" + name + "] - with remote=" + remote, e);
} catch (java.net.MalformedURLException e) {
throw new ContainerException("Invalid URL for binding", e);
}
} else {
// bind RMIDispatcher to InitialContext (must be RMI protocol not IIOP)
try {
InitialContext ic = new InitialContext();
ic.rebind(name, remote);
} catch (NamingException e) {
throw new ContainerException("Unable to bind RMIDispatcher to JNDI", e);
}
// check JNDI
try {
InitialContext ic = new InitialContext();
Object o = ic.lookup(name);
if (o == null) {
throw new NamingException("Object came back null");
}
} catch (NamingException e) {
throw new ContainerException("Unable to lookup bound objects", e);
}
}
return true;
}
use of java.rmi.server.RMIServerSocketFactory in project activemq-artemis by apache.
the class ConnectorServerFactory method setupArtemisRMIServerSocketFactory.
private void setupArtemisRMIServerSocketFactory() {
RMIServerSocketFactory rmiServerSocketFactory = new ArtemisRMIServerSocketFactory(getRmiServerHost());
environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, rmiServerSocketFactory);
}
use of java.rmi.server.RMIServerSocketFactory in project Payara by payara.
the class RMIConnectorStarter method start.
/**
* The start method which configures the SSLSockets needed and then starts the
* JMXConnecterServer.
*
* @return
* @throws MalformedURLException
* @throws IOException
*/
@Override
public JMXConnectorServer start() throws MalformedURLException, IOException, UnknownHostException {
final String name = "jmxrmi";
final String hostname = hostname();
final Map<String, Object> env = new HashMap<>();
env.put("jmx.remote.jndi.rebind", "true");
// Provide SSL-based RMI socket factories.
env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, sslCsf);
env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, sslServerSocketFactory);
// For binding the JMXConnectorServer with the Registry
env.put("com.sun.jndi.rmi.factory.socket", sslCsf);
JMXAuthenticator authenticator = getAccessController();
if (authenticator != null) {
env.put("jmx.remote.authenticator", authenticator);
}
// env.put("jmx.remote.protocol.provider.pkgs", "com.sun.jmx.remote.protocol");
// env.put("jmx.remote.protocol.provider.class.loader", this.getClass().getClassLoader());
final String jmxHostPort = hostname + ":" + mPort;
final String registryHostPort = hostname + ":" + mPort;
// !!!
// extended JMXServiceURL uses the same port for both the RMIRegistry and the client port
// see: http://blogs.sun.com/jmxetc/entry/connecting_through_firewall_using_jmx
// the first hostPort value is the host/port to be used for the client connections; this makes it a fixed
// port number and we're making it the same as the RMI registry port.
// final String urlStr = "service:jmx:rmi:///jndi/rmi://" + hostPort + "/" + name;
final String urlStr = "service:jmx:rmi://" + jmxHostPort + "/jndi/rmi://" + registryHostPort + "/" + name;
mJMXServiceURL = new JMXServiceURL(urlStr);
if (mBindToSingleIP) {
RMIServerSocketFactory rmiSSF = isSecurityEnabled() ? sslServerSocketFactory : mServerSocketFactory;
mMyServer = new MyRMIJRMPServerImpl(mPort, env, rmiSSF, hostname);
mConnectorServer = new RMIConnectorServer(mJMXServiceURL, env, mMyServer, mMBeanServer);
} else {
mConnectorServer = JMXConnectorServerFactory.newJMXConnectorServer(mJMXServiceURL, env, mMBeanServer);
}
if (mBootListener != null) {
mConnectorServer.addNotificationListener(mBootListener, null, mJMXServiceURL.toString());
}
mConnectorServer.start();
return mConnectorServer;
}
use of java.rmi.server.RMIServerSocketFactory in project geode by apache.
the class ConnectionNotificationFilterImpl method startRMIConnectorServer.
/**
* Defines and starts the JMX RMIConnector and service.
* <p>
* If {@link AgentConfig#isRmiEnabled} returns false, then this adaptor will not be started.
*/
private void startRMIConnectorServer() {
if (!this.agentConfig.isRmiEnabled())
return;
String rmiBindAddress = this.agentConfig.getRmiBindAddress();
// Set RMI Stubs to use the given RMI Bind Address
// Default bindAddress is "", if none is set - ignore if not set
// If java.rmi.server.hostname property is specified then
// that override is not changed
String rmiStubServerNameKey = "java.rmi.server.hostname";
String overrideHostName = System.getProperty(rmiStubServerNameKey);
if ((overrideHostName == null || overrideHostName.trim().length() == 0) && (rmiBindAddress != null && rmiBindAddress.trim().length() != 0)) {
System.setProperty(rmiStubServerNameKey, rmiBindAddress);
logger.info(LocalizedMessage.create(LocalizedStrings.AgentImpl_SETTING_0, new StringBuilder(rmiStubServerNameKey).append(" = ").append(rmiBindAddress)));
}
try {
createRMIRegistry();
ObjectName objName = getRMIConnectorServerName();
// make sure this adaptor is not already registered...
if (getMBeanServer().isRegistered(objName)) {
// dunno how we got here...
logger.info(LocalizedMessage.create(LocalizedStrings.AgentImpl_RMICONNECTORSERVER_ALREADY_REGISTERED_AS__0, objName));
return;
}
/*
* url defined as: service:jmx:protocol:sap where 1. protocol: rmi 2. sap is:
* [host[:port]][url-path] where host: rmi-binding-address port: rmi-server-port url-path:
* /jndi/rmi://<rmi-binding-address>:<rmi-port><JNDI_NAME>
*/
String urlString = null;
String connectorServerHost = "";
int connectorServerPort = this.agentConfig.getRmiServerPort();
String rmiRegistryHost = "";
int rmiRegistryPort = this.agentConfig.getRmiPort();
// RMI stubs would use a default IP if namingHost is left empty
if (rmiBindAddress == null || rmiBindAddress.trim().length() == 0) {
connectorServerHost = "localhost";
rmiRegistryHost = "";
} else {
connectorServerHost = applyRFC2732(rmiBindAddress);
rmiRegistryHost = connectorServerHost;
}
urlString = MessageFormat.format(AgentImpl.JMX_SERVICE_URL, connectorServerHost, String.valueOf(connectorServerPort), rmiRegistryHost, String.valueOf(rmiRegistryPort), JNDI_NAME);
logger.debug("JMX Service URL string is : \"{}\"", urlString);
// The address of the connector
JMXServiceURL url = new JMXServiceURL(urlString);
Map<String, Object> env = new HashMap<String, Object>();
// env.put(Context.INITIAL_CONTEXT_FACTORY,
// "com.sun.jndi.rmi.registry.RegistryContextFactory");
// env.put(Context.PROVIDER_URL, "rmi://localhost:1099");
RMIServerSocketFactory ssf = new // true,
MX4JServerSocketFactory(// true,
this.agentConfig.isAgentSSLEnabled(), // true,
this.agentConfig.isAgentSSLRequireAuth(), // "any",
this.agentConfig.getAgentSSLProtocols(), // "any",
this.agentConfig.getAgentSSLCiphers(), // backlog
this.agentConfig.getRmiBindAddress(), // backlog
10, this.agentConfig.getGfSecurityProperties());
env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, ssf);
if (this.agentConfig.isAgentSSLEnabled()) {
RMIClientSocketFactory csf = new SslRMIClientSocketFactory();
env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, csf);
}
// will be set by registering w/ mbeanServer
MBeanServer mbs = null;
this.rmiConnector = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
// for cleanup
this.rmiConnector.addNotificationListener(new ConnectionNotificationAdapter(), new ConnectionNotificationFilterImpl(), this);
// Register the JMXConnectorServer in the MBeanServer
getMBeanServer().registerMBean(this.rmiConnector, objName);
// Start the JMXConnectorServer
this.rmiConnector.start();
} catch (VirtualMachineError err) {
SystemFailure.initiateFailure(err);
// now, so don't let this thread continue.
throw err;
} catch (Throwable t) {
// Whenever you catch Error or Throwable, you must also
// catch VirtualMachineError (see above). However, there is
// _still_ a possibility that you are dealing with a cascading
// error condition, so you also need to check to see if the JVM
// is still usable:
SystemFailure.checkFailure();
logger.error(LocalizedStrings.AgentImpl_FAILED_TO_START_RMICONNECTORSERVER, t);
throw new StartupException(LocalizedStrings.AgentImpl_FAILED_TO_START_RMI_SERVICE.toLocalizedString(), t);
}
}
use of java.rmi.server.RMIServerSocketFactory in project geode by apache.
the class ManagementAgent method configureAndStart.
/**
* http://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html #gdfvq
* https://blogs.oracle.com/jmxetc/entry/java_5_premain_rmi_connectors
* https://blogs.oracle.com/jmxetc/entry/building_a_remotely_stoppable_connector
* https://blogs.oracle.com/jmxetc/entry/jmx_connecting_through_firewalls_using
* https://blogs.oracle.com/jmxetc/entry/java_5_premain_rmi_connectors
*/
private void configureAndStart() throws IOException {
// get the port for RMI Registry and RMI Connector Server
final int port = this.config.getJmxManagerPort();
final String hostname;
final InetAddress bindAddr;
if (StringUtils.isBlank(this.config.getJmxManagerBindAddress())) {
hostname = SocketCreator.getLocalHost().getHostName();
bindAddr = null;
} else {
hostname = this.config.getJmxManagerBindAddress();
bindAddr = InetAddress.getByName(hostname);
}
String jmxManagerHostnameForClients = this.config.getJmxManagerHostnameForClients();
if (StringUtils.isNotBlank(jmxManagerHostnameForClients)) {
System.setProperty("java.rmi.server.hostname", jmxManagerHostnameForClients);
}
final SocketCreator socketCreator = SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX);
final boolean ssl = socketCreator.useSSL();
if (logger.isDebugEnabled()) {
logger.debug("Starting jmx manager agent on port {}{}", port, (bindAddr != null ? (" bound to " + bindAddr) : "") + (ssl ? " using SSL" : ""));
}
// RMISocketFactory.getDefaultSocketFactory();
RMIClientSocketFactory rmiClientSocketFactory = ssl ? new SslRMIClientSocketFactory() : null;
RMIServerSocketFactory rmiServerSocketFactory = new GemFireRMIServerSocketFactory(socketCreator, bindAddr);
// Following is done to prevent rmi causing stop the world gcs
System.setProperty("sun.rmi.dgc.server.gcInterval", Long.toString(Long.MAX_VALUE - 1));
// Create the RMI Registry using the SSL socket factories above.
// In order to use a single port, we must use these factories
// everywhere, or nowhere. Since we want to use them in the JMX
// RMI Connector server, we must also use them in the RMI Registry.
// Otherwise, we wouldn't be able to use a single port.
// Start an RMI registry on port <port>.
registry = LocateRegistry.createRegistry(port, rmiClientSocketFactory, rmiServerSocketFactory);
// Retrieve the PlatformMBeanServer.
MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
// Environment map. why is this declared as HashMap?
final HashMap<String, Object> env = new HashMap<String, Object>();
// Manually creates and binds a JMX RMI Connector Server stub with the
// registry created above: the port we pass here is the port that can
// be specified in "service:jmx:rmi://"+hostname+":"+port - where the
// RMI server stub and connection objects will be exported.
// Here we choose to use the same port as was specified for the
// RMI Registry. We can do so because we're using \*the same\* client
// and server socket factories, for the registry itself \*and\* for this
// object.
final RMIServerImpl stub = new RMIJRMPServerImpl(port, rmiClientSocketFactory, rmiServerSocketFactory, env);
// Create an RMI connector server.
//
// As specified in the JMXServiceURL the RMIServer stub will be
// registered in the RMI registry running in the local host on
// port <port> with the name "jmxrmi". This is the same name the
// out-of-the-box management agent uses to register the RMIServer
// stub too.
//
// The port specified in "service:jmx:rmi://"+hostname+":"+port
// is the second port, where RMI connection objects will be exported.
// Here we use the same port as that we choose for the RMI registry.
// The port for the RMI registry is specified in the second part
// of the URL, in "rmi://"+hostname+":"+port
//
// We construct a JMXServiceURL corresponding to what we have done
// for our stub...
final JMXServiceURL url = new JMXServiceURL("service:jmx:rmi://" + hostname + ":" + port + "/jndi/rmi://" + hostname + ":" + port + "/jmxrmi");
// Create an RMI connector server with the JMXServiceURL
//
// JDK 1.5 cannot use JMXConnectorServerFactory because of
// http://bugs.sun.com/view_bug.do?bug_id=5107423
// but we're using JDK 1.6
jmxConnectorServer = new RMIConnectorServer(new JMXServiceURL("rmi", hostname, port), env, stub, mbs) {
@Override
public JMXServiceURL getAddress() {
return url;
}
@Override
public synchronized void start() throws IOException {
try {
registry.bind("jmxrmi", stub);
} catch (AlreadyBoundException x) {
final IOException io = new IOException(x.getMessage());
io.initCause(x);
throw io;
}
super.start();
}
};
if (securityService.isIntegratedSecurity()) {
shiroAuthenticator = new JMXShiroAuthenticator();
env.put(JMXConnectorServer.AUTHENTICATOR, shiroAuthenticator);
jmxConnectorServer.addNotificationListener(shiroAuthenticator, null, jmxConnectorServer.getAttributes());
// always going to assume authorization is needed as well, if no custom AccessControl, then
// the CustomAuthRealm
// should take care of that
MBeanServerWrapper mBeanServerWrapper = new MBeanServerWrapper();
jmxConnectorServer.setMBeanServerForwarder(mBeanServerWrapper);
registerAccessControlMBean();
} else {
/* Disable the old authenticator mechanism */
String pwFile = this.config.getJmxManagerPasswordFile();
if (pwFile != null && pwFile.length() > 0) {
env.put("jmx.remote.x.password.file", pwFile);
}
String accessFile = this.config.getJmxManagerAccessFile();
if (accessFile != null && accessFile.length() > 0) {
// Lets not use default connector based authorization
// env.put("jmx.remote.x.access.file", accessFile);
// Rewire the mbs hierarchy to set accessController
ReadOpFileAccessController controller = new ReadOpFileAccessController(accessFile);
controller.setMBeanServer(mbs);
mbs = controller;
}
}
jmxConnectorServer.start();
if (logger.isDebugEnabled()) {
logger.debug("Finished starting jmx manager agent.");
}
}
Aggregations