Example 6 with JMXPrincipal
use of javax.management.remote.JMXPrincipal in project activemq-artemis by apache.
the class TextFileCertificateLoginModuleTest method getJaasCertificateCallbackHandler.
private JaasCallbackHandler getJaasCertificateCallbackHandler(String user) {
JMXPrincipal principal = new JMXPrincipal(user);
X509Certificate cert = new StubX509Certificate(principal);
return new JaasCallbackHandler(null, null, null) {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof CertificateCallback) {
CertificateCallback certCallback = (CertificateCallback) callback;
certCallback.setCertificates(new X509Certificate[] { cert });
} else {
throw new UnsupportedCallbackException(callback);
}
}
}
};
}
Also used :
CertificateCallback(org.apache.activemq.artemis.spi.core.security.jaas.CertificateCallback)
Callback(javax.security.auth.callback.Callback)
JMXPrincipal(javax.management.remote.JMXPrincipal)
CertificateCallback(org.apache.activemq.artemis.spi.core.security.jaas.CertificateCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
X509Certificate(javax.security.cert.X509Certificate)
JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler)
Example 7 with JMXPrincipal
use of javax.management.remote.JMXPrincipal in project geode by apache.
the class JMXShiroAuthenticator method authenticate.
@Override
public Subject authenticate(Object credentials) {
String username = null;
Properties credProps = new Properties();
if (credentials instanceof Properties) {
credProps = (Properties) credentials;
username = credProps.getProperty(ResourceConstants.USER_NAME);
} else if (credentials instanceof String[]) {
final String[] aCredentials = (String[]) credentials;
username = aCredentials[0];
credProps.setProperty(ResourceConstants.USER_NAME, aCredentials[0]);
credProps.setProperty(ResourceConstants.PASSWORD, aCredentials[1]);
} else {
throw new AuthenticationFailedException(MISSING_CREDENTIALS_MESSAGE);
}
org.apache.shiro.subject.Subject shiroSubject = this.securityService.login(credProps);
Principal principal;
if (shiroSubject == null) {
principal = new JMXPrincipal(username);
} else {
principal = new ShiroPrincipal(shiroSubject);
}
return new Subject(true, Collections.singleton(principal), Collections.EMPTY_SET, Collections.EMPTY_SET);
}
Also used :
AuthenticationFailedException(org.apache.geode.security.AuthenticationFailedException)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Properties(java.util.Properties)
Principal(java.security.Principal)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Subject(javax.security.auth.Subject)
Example 8 with JMXPrincipal
use of javax.management.remote.JMXPrincipal in project jdk8u_jdk by JetBrains.
the class SimpleStandard method checkSubject.
/*
* ---------------
* PRIVATE METHODS
* ---------------
*/
/**
* Check that the principal contained in the Subject is of
* type JMXPrincipal and refers to the "monitorRole" identity.
*/
private void checkSubject() {
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);
Set principals = subject.getPrincipals();
Principal principal = (Principal) principals.iterator().next();
if (!(principal instanceof JMXPrincipal))
throw new SecurityException("Authenticated subject contains " + "invalid principal type = " + principal.getClass().getName());
String identity = principal.getName();
if (!identity.equals("monitorRole"))
throw new SecurityException("Authenticated subject contains " + "invalid principal name = " + identity);
}
Also used :
Set(java.util.Set)
AccessControlContext(java.security.AccessControlContext)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Subject(javax.security.auth.Subject)
Principal(java.security.Principal)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Example 9 with JMXPrincipal
use of javax.management.remote.JMXPrincipal in project jdk8u_jdk by JetBrains.
the class SubjectDelegation1Test method main.
public static void main(String[] args) throws Exception {
// Check for supported operating systems: Solaris
//
// This test runs only on Solaris due to CR 6285916
//
String osName = System.getProperty("os.name");
System.out.println("os.name = " + osName);
if (!osName.equals("SunOS")) {
System.out.println("This test runs on Solaris only.");
System.out.println("Bye! Bye!");
return;
}
String policyFile = args[0];
String testResult = args[1];
System.out.println("Policy file = " + policyFile);
System.out.println("Expected test result = " + testResult);
JMXConnectorServer jmxcs = null;
JMXConnector jmxc = null;
try {
// Create an RMI registry
//
System.out.println("Start RMI registry...");
Registry reg = null;
int port = 5800;
while (port++ < 6000) {
try {
reg = LocateRegistry.createRegistry(port);
System.out.println("RMI registry running on port " + port);
break;
} catch (RemoteException e) {
// Failed to create RMI registry...
System.out.println("Failed to create RMI registry " + "on port " + port);
}
}
if (reg == null) {
System.exit(1);
}
// Set the default password file
//
final String passwordFile = System.getProperty("test.src") + File.separator + "jmxremote.password";
System.out.println("Password file = " + passwordFile);
// Set policy file
//
final String policy = System.getProperty("test.src") + File.separator + policyFile;
System.out.println("PolicyFile = " + policy);
System.setProperty("java.security.policy", policy);
// Instantiate the MBean server
//
System.out.println("Create the MBean server");
MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
// Register the SimpleStandardMBean
//
System.out.println("Create SimpleStandard MBean");
SimpleStandard s = new SimpleStandard("delegate");
mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));
// Create Properties containing the username/password entries
//
Properties props = new Properties();
props.setProperty("jmx.remote.x.password.file", passwordFile);
// Initialize environment map to be passed to the connector server
//
System.out.println("Initialize environment map");
HashMap env = new HashMap();
env.put("jmx.remote.authenticator", new JMXPluggableAuthenticator(props));
// Create an RMI connector server
//
System.out.println("Create an RMI connector server");
JMXServiceURL url = new JMXServiceURL("rmi", null, 0, "/jndi/rmi://:" + port + "/server" + port);
jmxcs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
jmxcs.start();
// Create an RMI connector client
//
System.out.println("Create an RMI connector client");
HashMap cli_env = new HashMap();
// These credentials must match those in the default password file
//
String[] credentials = new String[] { "monitorRole", "QED" };
cli_env.put("jmx.remote.credentials", credentials);
jmxc = JMXConnectorFactory.connect(url, cli_env);
Subject delegationSubject = new Subject(true, Collections.singleton(new JMXPrincipal("delegate")), Collections.EMPTY_SET, Collections.EMPTY_SET);
MBeanServerConnection mbsc = jmxc.getMBeanServerConnection(delegationSubject);
// Get domains from MBeanServer
//
System.out.println("Domains:");
String[] domains = mbsc.getDomains();
for (int i = 0; i < domains.length; i++) {
System.out.println("\tDomain[" + i + "] = " + domains[i]);
}
// Get MBean count
//
System.out.println("MBean count = " + mbsc.getMBeanCount());
// Get State attribute
//
String oldState = (String) mbsc.getAttribute(new ObjectName("MBeans:type=SimpleStandard"), "State");
System.out.println("Old State = \"" + oldState + "\"");
// Set State attribute
//
System.out.println("Set State to \"changed state\"");
mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"), new Attribute("State", "changed state"));
// Get State attribute
//
String newState = (String) mbsc.getAttribute(new ObjectName("MBeans:type=SimpleStandard"), "State");
System.out.println("New State = \"" + newState + "\"");
if (!newState.equals("changed state")) {
System.out.println("Invalid State = \"" + newState + "\"");
System.exit(1);
}
// Add notification listener on SimpleStandard MBean
//
System.out.println("Add notification listener...");
mbsc.addNotificationListener(new ObjectName("MBeans:type=SimpleStandard"), new NotificationListener() {
public void handleNotification(Notification notification, Object handback) {
System.out.println("Received notification: " + notification);
}
}, null, null);
// Unregister SimpleStandard MBean
//
System.out.println("Unregister SimpleStandard MBean...");
mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));
} catch (SecurityException e) {
if (testResult.equals("ko")) {
System.out.println("Got expected security exception = " + e);
} else {
System.out.println("Got unexpected security exception = " + e);
e.printStackTrace();
throw e;
}
} catch (Exception e) {
System.out.println("Unexpected exception caught = " + e);
e.printStackTrace();
throw e;
} finally {
//
if (jmxc != null)
jmxc.close();
//
if (jmxcs != null)
jmxcs.stop();
// Say goodbye
//
System.out.println("Bye! Bye!");
}
}
Also used :
JMXServiceURL(javax.management.remote.JMXServiceURL)
JMXPluggableAuthenticator(com.sun.jmx.remote.security.JMXPluggableAuthenticator)
HashMap(java.util.HashMap)
Attribute(javax.management.Attribute)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Registry(java.rmi.registry.Registry)
LocateRegistry(java.rmi.registry.LocateRegistry)
Properties(java.util.Properties)
Subject(javax.security.auth.Subject)
Notification(javax.management.Notification)
RemoteException(java.rmi.RemoteException)
JMXConnectorServer(javax.management.remote.JMXConnectorServer)
ObjectName(javax.management.ObjectName)
JMXConnector(javax.management.remote.JMXConnector)
RemoteException(java.rmi.RemoteException)
MBeanServerConnection(javax.management.MBeanServerConnection)
MBeanServer(javax.management.MBeanServer)
NotificationListener(javax.management.NotificationListener)
Example 10 with JMXPrincipal
use of javax.management.remote.JMXPrincipal in project jdk8u_jdk by JetBrains.
the class RMIConnectorInternalMapTest method main.
public static void main(String[] args) throws Exception {
System.out.println("---RMIConnectorInternalMapTest starting...");
JMXConnectorServer connectorServer = null;
JMXConnector connectorClient = null;
try {
MBeanServer mserver = ManagementFactory.getPlatformMBeanServer();
JMXServiceURL serverURL = new JMXServiceURL("rmi", "localhost", 0);
connectorServer = JMXConnectorServerFactory.newJMXConnectorServer(serverURL, null, mserver);
connectorServer.start();
JMXServiceURL serverAddr = connectorServer.getAddress();
connectorClient = JMXConnectorFactory.connect(serverAddr, null);
connectorClient.connect();
Field rmbscMapField = RMIConnector.class.getDeclaredField("rmbscMap");
rmbscMapField.setAccessible(true);
Map<Subject, WeakReference<MBeanServerConnection>> map = (Map<Subject, WeakReference<MBeanServerConnection>>) rmbscMapField.get(connectorClient);
if (map != null && !map.isEmpty()) {
// failed
throw new RuntimeException("RMIConnector's rmbscMap must be empty at the initial time.");
}
Subject delegationSubject = new Subject(true, Collections.singleton(new JMXPrincipal("delegate")), Collections.EMPTY_SET, Collections.EMPTY_SET);
MBeanServerConnection mbsc1 = connectorClient.getMBeanServerConnection(delegationSubject);
MBeanServerConnection mbsc2 = connectorClient.getMBeanServerConnection(delegationSubject);
if (mbsc1 == null) {
throw new RuntimeException("Got null connection.");
}
if (mbsc1 != mbsc2) {
throw new RuntimeException("Not got same connection with a same subject.");
}
map = (Map<Subject, WeakReference<MBeanServerConnection>>) rmbscMapField.get(connectorClient);
if (map == null || map.isEmpty()) {
// failed
throw new RuntimeException("RMIConnector's rmbscMap has wrong size " + "after creating a delegated connection.");
}
delegationSubject = null;
mbsc1 = null;
mbsc2 = null;
int i = 0;
while (!map.isEmpty() && i++ < 60) {
System.gc();
Thread.sleep(100);
}
System.out.println("---GC times: " + i);
if (!map.isEmpty()) {
throw new RuntimeException("Failed to clean RMIConnector's rmbscMap");
} else {
System.out.println("---RMIConnectorInternalMapTest: PASSED!");
}
} finally {
try {
connectorClient.close();
connectorServer.stop();
} catch (Exception e) {
}
}
}
Also used :
JMXServiceURL(javax.management.remote.JMXServiceURL)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Subject(javax.security.auth.Subject)
JMXConnectorServer(javax.management.remote.JMXConnectorServer)
Field(java.lang.reflect.Field)
JMXConnector(javax.management.remote.JMXConnector)
WeakReference(java.lang.ref.WeakReference)
Map(java.util.Map)
MBeanServerConnection(javax.management.MBeanServerConnection)
MBeanServer(javax.management.MBeanServer)
Aggregations
JMXPrincipal (javax.management.remote.JMXPrincipal)15
Subject (javax.security.auth.Subject)10
Principal (java.security.Principal)4
MBeanServer (javax.management.MBeanServer)4
JMXServiceURL (javax.management.remote.JMXServiceURL)4
Properties (java.util.Properties)3
MBeanServerConnection (javax.management.MBeanServerConnection)3
ObjectName (javax.management.ObjectName)3
JMXConnector (javax.management.remote.JMXConnector)3
JMXConnectorServer (javax.management.remote.JMXConnectorServer)3
JMXPluggableAuthenticator (com.sun.jmx.remote.security.JMXPluggableAuthenticator)2
RemoteException (java.rmi.RemoteException)2
LocateRegistry (java.rmi.registry.LocateRegistry)2
Registry (java.rmi.registry.Registry)2
AccessControlContext (java.security.AccessControlContext)2
X509Certificate (java.security.cert.X509Certificate)2
HashMap (java.util.HashMap)2
Set (java.util.Set)2
Attribute (javax.management.Attribute)2
Notification (javax.management.Notification)2
