Search in sources :

Example 1 with SslRMIServerSocketFactory

use of javax.rmi.ssl.SslRMIServerSocketFactory in project tomcat by apache.

the class JmxRemoteLifecycleListener method lifecycleEvent.

@Override
public void lifecycleEvent(LifecycleEvent event) {
    // When the server starts, configure JMX/RMI
    if (Lifecycle.START_EVENT.equals(event.getType())) {
        // Configure using standard jmx system properties
        init();
        // Prevent an attacker guessing the RMI object ID
        System.setProperty("java.rmi.server.randomIDs", "true");
        // Create the environment
        HashMap<String, Object> env = new HashMap<>();
        RMIClientSocketFactory registryCsf = null;
        RMIServerSocketFactory registrySsf = null;
        RMIClientSocketFactory serverCsf = null;
        RMIServerSocketFactory serverSsf = null;
        // Configure registry socket factories
        if (rmiRegistrySSL) {
            registryCsf = new SslRMIClientSocketFactory();
            if (rmiBindAddress == null) {
                registrySsf = new SslRMIServerSocketFactory(ciphers, protocols, clientAuth);
            } else {
                registrySsf = new SslRmiServerBindSocketFactory(ciphers, protocols, clientAuth, rmiBindAddress);
            }
        } else {
            if (rmiBindAddress != null) {
                registrySsf = new RmiServerBindSocketFactory(rmiBindAddress);
            }
        }
        // Configure server socket factories
        if (rmiServerSSL) {
            serverCsf = new SslRMIClientSocketFactory();
            if (rmiBindAddress == null) {
                serverSsf = new SslRMIServerSocketFactory(ciphers, protocols, clientAuth);
            } else {
                serverSsf = new SslRmiServerBindSocketFactory(ciphers, protocols, clientAuth, rmiBindAddress);
            }
        } else {
            if (rmiBindAddress != null) {
                serverSsf = new RmiServerBindSocketFactory(rmiBindAddress);
            }
        }
        // the configured address.
        if (rmiBindAddress != null) {
            System.setProperty("java.rmi.server.hostname", rmiBindAddress);
        }
        // Force the use of local ports if required
        if (useLocalPorts) {
            registryCsf = new RmiClientLocalhostSocketFactory(registryCsf);
            serverCsf = new RmiClientLocalhostSocketFactory(serverCsf);
        }
        env.put("jmx.remote.rmi.server.credential.types", new String[] { String[].class.getName(), String.class.getName() });
        // Populate the env properties used to create the server
        if (serverCsf != null) {
            env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, serverCsf);
            env.put("com.sun.jndi.rmi.factory.socket", registryCsf);
        }
        if (serverSsf != null) {
            env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, serverSsf);
        }
        // Configure authentication
        if (authenticate) {
            env.put("jmx.remote.x.password.file", passwordFile);
            env.put("jmx.remote.x.access.file", accessFile);
            env.put("jmx.remote.x.login.config", loginModuleName);
        }
        // Create the Platform server
        csPlatform = createServer("Platform", rmiBindAddress, rmiRegistryPortPlatform, rmiServerPortPlatform, env, registryCsf, registrySsf, serverCsf, serverSsf);
    } else if (Lifecycle.STOP_EVENT.equals(event.getType())) {
        destroyServer("Platform", csPlatform);
    }
}
Also used : SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) HashMap(java.util.HashMap) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory) RMIServerSocketFactory(java.rmi.server.RMIServerSocketFactory) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory) SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) RMIClientSocketFactory(java.rmi.server.RMIClientSocketFactory)

Example 2 with SslRMIServerSocketFactory

use of javax.rmi.ssl.SslRMIServerSocketFactory in project neo4j by neo4j.

the class HotspotManagementSupport method createServer.

private JMXConnectorServer createServer(int port, boolean useSSL, Log log) {
    MBeanServer server = getMBeanServer();
    final JMXServiceURL url;
    try {
        url = new JMXServiceURL("rmi", null, port);
    } catch (MalformedURLException e) {
        log.warn("Failed to start JMX Server", e);
        return null;
    }
    Map<String, Object> env = new HashMap<>();
    if (useSSL) {
        env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, new SslRMIClientSocketFactory());
        env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, new SslRMIServerSocketFactory());
    }
    try {
        return JMXConnectorServerFactory.newJMXConnectorServer(url, env, server);
    } catch (IOException e) {
        log.warn("Failed to start JMX Server", e);
        return null;
    }
}
Also used : JMXServiceURL(javax.management.remote.JMXServiceURL) SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) MalformedURLException(java.net.MalformedURLException) HashMap(java.util.HashMap) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory) IOException(java.io.IOException) MBeanServer(javax.management.MBeanServer)

Example 3 with SslRMIServerSocketFactory

use of javax.rmi.ssl.SslRMIServerSocketFactory in project jdk8u_jdk by JetBrains.

the class SocketFactoryTest method main.

public static void main(String[] args) {
    try {
        System.out.println("SocketFactoryTest START.");
        final SSLContext context = SSLContext.getInstance("SSL");
        context.init(null, null, null);
        final SslRMIClientSocketFactory client1 = new SslRMIClientSocketFactory();
        final SslRMIClientSocketFactory client2 = new SslRMIClientSocketFactory();
        final SslRMIClientSocketFactory client11 = (SslRMIClientSocketFactory) serializeAndClone(client1);
        final SslRMIClientSocketFactory client21 = (SslRMIClientSocketFactory) serializeAndClone(client2);
        final SslRMIServerSocketFactory server1 = new SslRMIServerSocketFactory();
        final SslRMIServerSocketFactory server2 = new SslRMIServerSocketFactory(null, null, false);
        final SslRMIServerSocketFactory server3 = new SslRMIServerSocketFactory(ciphersuite, null, false);
        final SslRMIServerSocketFactory server4 = new SslRMIServerSocketFactory(null, protocol, false);
        final SslRMIServerSocketFactory server5 = new SslRMIServerSocketFactory(null, null, true);
        final SslRMIServerSocketFactory server6 = new SslRMIServerSocketFactory(null, null, null, false);
        final SslRMIServerSocketFactory server7 = new SslRMIServerSocketFactory(SSLContext.getDefault(), null, null, false);
        final SslRMIServerSocketFactory server8 = new SslRMIServerSocketFactory(null, null, null, true);
        final SslRMIServerSocketFactory server9 = new SslRMIServerSocketFactory(SSLContext.getDefault(), null, null, true);
        final SslRMIServerSocketFactory server10 = new SslRMIServerSocketFactory(context, null, null, true);
        final MySslRMIClientSocketFactory subclient1 = new MySslRMIClientSocketFactory();
        final MySslRMIClientSocketFactory subclient2 = new MySslRMIClientSocketFactory();
        final MySslRMIServerSocketFactory subserver1 = new MySslRMIServerSocketFactory();
        final MySslRMIServerSocketFactory subserver2 = new MySslRMIServerSocketFactory(null, null, false);
        final MySslRMIServerSocketFactory subserver3 = new MySslRMIServerSocketFactory(ciphersuite, null, false);
        final MySslRMIServerSocketFactory subserver4 = new MySslRMIServerSocketFactory(null, protocol, false);
        final MySslRMIServerSocketFactory subserver5 = new MySslRMIServerSocketFactory(null, null, true);
        final MySslRMIServerSocketFactory subserver6 = new MySslRMIServerSocketFactory(null, ciphersuite, null, false);
        final MySslRMIServerSocketFactory subserver7 = new MySslRMIServerSocketFactory(SSLContext.getDefault(), ciphersuite, null, false);
        final MySslRMIServerSocketFactory subserver8 = new MySslRMIServerSocketFactory(context, null, null, true);
        // clients
        System.out.println("testEquals(client1,client1,true)");
        testEquals(client1, client1, true);
        System.out.println("testEquals(client1,client2,true)");
        testEquals(client1, client2, true);
        System.out.println("testEquals(client1,client11,true)");
        testEquals(client1, client11, true);
        System.out.println("testEquals(client1,client21,true)");
        testEquals(client1, client21, true);
        System.out.println("testEquals(client11,client21,true)");
        testEquals(client11, client21, true);
        System.out.println("testEquals(client1,null,false)");
        testEquals(client1, null, false);
        System.out.println("testEquals(client1,server1,false)");
        testEquals(client1, server1, false);
        System.out.println("testEquals(client21,server2,false)");
        testEquals(client21, server2, false);
        System.out.println("testEquals(client1,new Object(),false)");
        testEquals(client1, new Object(), false);
        // servers
        System.out.println("testEquals(server1,server1,true)");
        testEquals(server1, server1, true);
        System.out.println("testEquals(server2,server2,true)");
        testEquals(server2, server2, true);
        System.out.println("testEquals(server3,server3,true)");
        testEquals(server3, server3, true);
        System.out.println("testEquals(server4,server4,true)");
        testEquals(server4, server4, true);
        System.out.println("testEquals(server5,server5,true)");
        testEquals(server5, server5, true);
        System.out.println("testEquals(server1,server2,true)");
        testEquals(server1, server2, true);
        System.out.println("testEquals(server1,server3,false)");
        testEquals(server1, server3, false);
        System.out.println("testEquals(server2,server3,false)");
        testEquals(server2, server3, false);
        System.out.println("testEquals(server3,server4,false)");
        testEquals(server3, server4, false);
        System.out.println("testEquals(server4,server5,false)");
        testEquals(server4, server5, false);
        System.out.println("testEquals(server6,server7,false)");
        testEquals(server6, server7, false);
        System.out.println("testEquals(server8,server9,false)");
        testEquals(server8, server9, false);
        System.out.println("testEquals(server9,server10,false)");
        testEquals(server9, server10, false);
        System.out.println("testEquals(server2,server6,true)");
        testEquals(server2, server6, true);
        System.out.println("testEquals(server2,server7,false)");
        testEquals(server2, server7, false);
        System.out.println("testEquals(server5,server8,true)");
        testEquals(server5, server8, true);
        System.out.println("testEquals(server5,server9,false)");
        testEquals(server5, server9, false);
        System.out.println("testEquals(server1,null,false)");
        testEquals(server1, null, false);
        System.out.println("testEquals(server2,null,false)");
        testEquals(server2, null, false);
        System.out.println("testEquals(server3,null,false)");
        testEquals(server3, null, false);
        System.out.println("testEquals(server1,client2,false)");
        testEquals(server1, client2, false);
        System.out.println("testEquals(server2,client11,false)");
        testEquals(server2, client11, false);
        System.out.println("testEquals(server1,new Object(),false)");
        testEquals(server1, new Object(), false);
        // client subclass
        System.out.println("testEquals(subclient1,subclient1,true)");
        testEquals(subclient1, subclient1, true);
        System.out.println("testEquals(subclient1,subclient2,true)");
        testEquals(subclient1, subclient2, true);
        System.out.println("testEquals(subclient1,client1,false)");
        testEquals(subclient1, client1, false);
        System.out.println("testEquals(client1,subclient1,false)");
        testEquals(client1, subclient1, false);
        System.out.println("testEquals(subclient1,null,false)");
        testEquals(subclient1, null, false);
        System.out.println("testEquals(subclient1,server1,false)");
        testEquals(subclient1, server1, false);
        System.out.println("testEquals(server1,subclient1,false)");
        testEquals(server1, subclient1, false);
        System.out.println("testEquals(subclient2,subserver2,false)");
        testEquals(subclient1, subserver2, false);
        System.out.println("testEquals(subclient1,new Object(),false)");
        testEquals(subclient1, new Object(), false);
        // server subclass
        System.out.println("testEquals(subserver1,subserver1,true)");
        testEquals(subserver1, subserver1, true);
        System.out.println("testEquals(subserver2,subserver2,true)");
        testEquals(subserver2, subserver2, true);
        System.out.println("testEquals(subserver3,subserver3,true)");
        testEquals(subserver3, subserver3, true);
        System.out.println("testEquals(subserver4,subserver4,true)");
        testEquals(subserver4, subserver4, true);
        System.out.println("testEquals(subserver5,subserver5,true)");
        testEquals(subserver5, subserver5, true);
        System.out.println("testEquals(subserver1,subserver2,true)");
        testEquals(subserver1, subserver2, true);
        System.out.println("testEquals(subserver1,subserver3,false)");
        testEquals(subserver1, subserver3, false);
        System.out.println("testEquals(subserver2,subserver3,false)");
        testEquals(subserver2, subserver3, false);
        System.out.println("testEquals(subserver3,subserver4,false)");
        testEquals(subserver3, subserver4, false);
        System.out.println("testEquals(subserver4,subserver5,false)");
        testEquals(subserver4, subserver5, false);
        System.out.println("testEquals(subserver3,subserver6,true)");
        testEquals(subserver3, subserver6, true);
        System.out.println("testEquals(subserver3,subserver7,false)");
        testEquals(subserver3, subserver7, false);
        System.out.println("testEquals(subserver1,server1,false)");
        testEquals(subserver1, server1, false);
        System.out.println("testEquals(server1,subserver1,false)");
        testEquals(server1, subserver1, false);
        System.out.println("testEquals(subserver2,server2,false)");
        testEquals(subserver2, server2, false);
        System.out.println("testEquals(server2,subserver2,false)");
        testEquals(server2, subserver2, false);
        System.out.println("testEquals(subserver3,server3,false)");
        testEquals(subserver3, server3, false);
        System.out.println("testEquals(server3,subserver3,false)");
        testEquals(server3, subserver3, false);
        System.out.println("testEquals(subserver4,server4,false)");
        testEquals(subserver4, server4, false);
        System.out.println("testEquals(server4,subserver4,false)");
        testEquals(server4, subserver4, false);
        System.out.println("testEquals(subserver5,server5,false)");
        testEquals(subserver5, server5, false);
        System.out.println("testEquals(server5,subserver5,false)");
        testEquals(server5, subserver5, false);
        System.out.println("testEquals(server10,subserver8,false)");
        testEquals(server10, subserver8, false);
        System.out.println("testEquals(subserver8,server10,false)");
        testEquals(subserver8, server10, false);
        System.out.println("testEquals(subserver1,null,false)");
        testEquals(subserver1, null, false);
        System.out.println("testEquals(subserver1,client2,false)");
        testEquals(subserver1, client2, false);
        System.out.println("testEquals(subserver1,subclient2,false)");
        testEquals(subserver1, subclient2, false);
        System.out.println("testEquals(client1,subserver2,false)");
        testEquals(client1, subserver2, false);
        System.out.println("testEquals(subserver1,new Object(),false)");
        testEquals(subserver1, new Object(), false);
        System.out.println("SocketFactoryTest PASSED.");
    } catch (Exception x) {
        System.out.println("SocketFactoryTest FAILED: " + x);
        x.printStackTrace();
        System.exit(1);
    }
}
Also used : SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) SSLContext(javax.net.ssl.SSLContext) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory) IOException(java.io.IOException)

Example 4 with SslRMIServerSocketFactory

use of javax.rmi.ssl.SslRMIServerSocketFactory in project uPortal by Jasig.

the class JavaManagementServerBean method getJmxServerEnvironment.

/**
     * Generates the environment Map for the JMX server based on system properties
     *
     * @return A non-null Map of environment settings for the JMX server.
     */
protected Map<String, Object> getJmxServerEnvironment() {
    final Map<String, Object> jmxEnv = new HashMap<String, Object>();
    //SSL Options
    final String enableSSL = System.getProperty(JMX_SSL_PROPERTY);
    if (Boolean.getBoolean(enableSSL)) {
        SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
        jmxEnv.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, csf);
        SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory();
        jmxEnv.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, ssf);
    }
    //Password file options
    final String passwordFile = System.getProperty(JMX_PASSWORD_FILE_PROPERTY);
    if (passwordFile != null) {
        jmxEnv.put(JMX_REMOTE_X_PASSWORD_FILE, passwordFile);
    }
    //Access file options
    final String accessFile = System.getProperty(JMX_ACCESS_FILE_PROPERTY);
    if (accessFile != null) {
        jmxEnv.put(JMX_REMOTE_X_ACCESS_FILE, accessFile);
    }
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Configured JMX Server Environment = '" + jmxEnv + "'");
    }
    return jmxEnv;
}
Also used : SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) HashMap(java.util.HashMap) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory)

Example 5 with SslRMIServerSocketFactory

use of javax.rmi.ssl.SslRMIServerSocketFactory in project cassandra by apache.

the class JMXServerUtils method configureJmxSocketFactories.

private static Map<String, Object> configureJmxSocketFactories(InetAddress serverAddress, boolean localOnly) {
    Map<String, Object> env = new HashMap<>();
    if (Boolean.getBoolean("com.sun.management.jmxremote.ssl")) {
        boolean requireClientAuth = Boolean.getBoolean("com.sun.management.jmxremote.ssl.need.client.auth");
        String[] protocols = null;
        String protocolList = System.getProperty("com.sun.management.jmxremote.ssl.enabled.protocols");
        if (protocolList != null) {
            System.setProperty("javax.rmi.ssl.client.enabledProtocols", protocolList);
            protocols = StringUtils.split(protocolList, ',');
        }
        String[] ciphers = null;
        String cipherList = System.getProperty("com.sun.management.jmxremote.ssl.enabled.cipher.suites");
        if (cipherList != null) {
            System.setProperty("javax.rmi.ssl.client.enabledCipherSuites", cipherList);
            ciphers = StringUtils.split(cipherList, ',');
        }
        SslRMIClientSocketFactory clientFactory = new SslRMIClientSocketFactory();
        SslRMIServerSocketFactory serverFactory = new SslRMIServerSocketFactory(ciphers, protocols, requireClientAuth);
        env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, serverFactory);
        env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, clientFactory);
        env.put("com.sun.jndi.rmi.factory.socket", clientFactory);
        logJmxSslConfig(serverFactory);
    } else if (localOnly) {
        env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, new RMIServerSocketFactoryImpl(serverAddress));
    }
    return env;
}
Also used : SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) HashMap(java.util.HashMap) UnicastRemoteObject(java.rmi.server.UnicastRemoteObject) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory)

Aggregations

SslRMIClientSocketFactory (javax.rmi.ssl.SslRMIClientSocketFactory)7 SslRMIServerSocketFactory (javax.rmi.ssl.SslRMIServerSocketFactory)7 HashMap (java.util.HashMap)6 IOException (java.io.IOException)3 MalformedURLException (java.net.MalformedURLException)2 MBeanServer (javax.management.MBeanServer)2 JMXServiceURL (javax.management.remote.JMXServiceURL)2 RMIClientSocketFactory (java.rmi.server.RMIClientSocketFactory)1 RMIServerSocketFactory (java.rmi.server.RMIServerSocketFactory)1 UnicastRemoteObject (java.rmi.server.UnicastRemoteObject)1 SSLContext (javax.net.ssl.SSLContext)1