Search in sources :

Example 1 with MBeanServerFactory

use of org.apache.karaf.management.MBeanServerFactory in project karaf by apache.

the class Activator method doStart.

protected void doStart() throws Exception {
    // Verify dependencies
    ConfigurationAdmin configurationAdmin = getTrackedService(ConfigurationAdmin.class);
    KeystoreManager keystoreManager = getTrackedService(KeystoreManager.class);
    if (configurationAdmin == null || keystoreManager == null) {
        return;
    }
    String rmiRegistryHost = getString("rmiRegistryHost", "");
    int rmiRegistryPort = getInt("rmiRegistryPort", 1099);
    String rmiServerHost = getString("rmiServerHost", "0.0.0.0");
    int rmiServerPort = getInt("rmiServerPort", 44444);
    String jmxRealm = getString("jmxRealm", "karaf");
    String serviceUrl = getString("serviceUrl", "service:jmx:rmi://" + rmiServerHost + ":" + rmiServerPort + "/jndi/rmi://" + rmiRegistryHost + ":" + rmiRegistryPort + "/karaf-" + System.getProperty("karaf.name"));
    boolean daemon = getBoolean("daemon", true);
    boolean threaded = getBoolean("threaded", true);
    ObjectName objectName = new ObjectName(getString("objectName", "connector:name=rmi"));
    long keyStoreAvailabilityTimeout = getLong("keyStoreAvailabilityTimeout", 5000);
    String authenticatorType = getString("authenticatorType", "password");
    final boolean secured = getBoolean("secured", false);
    String secureAlgorithm = getString("secureAlgorithm", "default");
    String secureProtocol = getString("secureProtocol", "TLS");
    String keyStore = getString("keyStore", "karaf.ks");
    String keyAlias = getString("keyAlias", "karaf");
    String trustStore = getString("trustStore", "karaf.ts");
    boolean createRmiRegistry = getBoolean("createRmiRegistry", true);
    boolean locateRmiRegistry = getBoolean("locateRmiRegistry", true);
    boolean locateExistingMBeanServerIfPossible = getBoolean("locateExistingMBeanServerIfPossible", true);
    KarafMBeanServerGuard guard = new KarafMBeanServerGuard();
    guard.setConfigAdmin(configurationAdmin);
    rmiRegistryFactory = new RmiRegistryFactory();
    rmiRegistryFactory.setCreate(createRmiRegistry);
    rmiRegistryFactory.setLocate(locateRmiRegistry);
    rmiRegistryFactory.setHost(rmiRegistryHost);
    rmiRegistryFactory.setPort(rmiRegistryPort);
    rmiRegistryFactory.setBundleContext(bundleContext);
    rmiRegistryFactory.init();
    mbeanServerFactory = new MBeanServerFactory();
    mbeanServerFactory.setLocateExistingServerIfPossible(locateExistingMBeanServerIfPossible);
    mbeanServerFactory.init();
    MBeanServer mbeanServer = mbeanServerFactory.getServer();
    JaasAuthenticator jaasAuthenticator = new JaasAuthenticator();
    jaasAuthenticator.setRealm(jmxRealm);
    connectorServerFactory = new ConnectorServerFactory();
    connectorServerFactory.setServer(mbeanServer);
    connectorServerFactory.setServiceUrl(serviceUrl);
    connectorServerFactory.setGuard(guard);
    connectorServerFactory.setRmiServerHost(rmiServerHost);
    connectorServerFactory.setDaemon(daemon);
    connectorServerFactory.setThreaded(threaded);
    connectorServerFactory.setObjectName(objectName);
    Map<String, Object> environment = new HashMap<>();
    environment.put("jmx.remote.authenticator", jaasAuthenticator);
    try {
        connectorServerFactory.setEnvironment(environment);
        connectorServerFactory.setKeyStoreAvailabilityTimeout(keyStoreAvailabilityTimeout);
        connectorServerFactory.setAuthenticatorType(authenticatorType);
        connectorServerFactory.setSecured(secured);
        connectorServerFactory.setAlgorithm(secureAlgorithm);
        connectorServerFactory.setSecureProtocol(secureProtocol);
        connectorServerFactory.setKeyStore(keyStore);
        connectorServerFactory.setKeyAlias(keyAlias);
        connectorServerFactory.setTrustStore(trustStore);
        connectorServerFactory.setKeystoreManager(keystoreManager);
        connectorServerFactory.init();
    } catch (Exception e) {
        LOG.error("Can't init JMXConnectorServer: " + e.getMessage());
    }
    JMXSecurityMBeanImpl securityMBean = new JMXSecurityMBeanImpl();
    securityMBean.setMBeanServer(mbeanServer);
    securityMBean.setGuard(guard);
    registerMBean(securityMBean, "type=security,area=jmx");
    register(MBeanServer.class, mbeanServer);
    keystoreInstanceServiceTracker = new ServiceTracker<>(bundleContext, KeystoreInstance.class, new ServiceTrackerCustomizer<KeystoreInstance, KeystoreInstance>() {

        @Override
        public KeystoreInstance addingService(ServiceReference<KeystoreInstance> reference) {
            if (secured) {
                try {
                    connectorServerFactory.init();
                } catch (Exception e) {
                    LOG.error("Can't re-init JMXConnectorServer with SSL enabled when register a keystore:" + e.getMessage());
                }
            }
            return null;
        }

        @Override
        public void modifiedService(ServiceReference<KeystoreInstance> reference, KeystoreInstance service) {
        }

        @Override
        public void removedService(ServiceReference<KeystoreInstance> reference, KeystoreInstance service) {
            if (secured) {
                try {
                    connectorServerFactory.init();
                } catch (Exception e) {
                    LOG.error("Can't re-init JMXConnectorServer with SSL enabled when unregister a keystore: " + e.getMessage());
                }
            }
        }
    });
    keystoreInstanceServiceTracker.open();
}
Also used : KeystoreManager(org.apache.karaf.jaas.config.KeystoreManager) KarafMBeanServerGuard(org.apache.karaf.management.KarafMBeanServerGuard) HashMap(java.util.HashMap) ServiceTrackerCustomizer(org.osgi.util.tracker.ServiceTrackerCustomizer) ConnectorServerFactory(org.apache.karaf.management.ConnectorServerFactory) ObjectName(javax.management.ObjectName) ServiceReference(org.osgi.framework.ServiceReference) RmiRegistryFactory(org.apache.karaf.management.RmiRegistryFactory) JaasAuthenticator(org.apache.karaf.management.JaasAuthenticator) ConfigurationAdmin(org.osgi.service.cm.ConfigurationAdmin) KeystoreInstance(org.apache.karaf.jaas.config.KeystoreInstance) MBeanServerFactory(org.apache.karaf.management.MBeanServerFactory) MBeanServer(javax.management.MBeanServer)

Aggregations

HashMap (java.util.HashMap)1 MBeanServer (javax.management.MBeanServer)1 ObjectName (javax.management.ObjectName)1 KeystoreInstance (org.apache.karaf.jaas.config.KeystoreInstance)1 KeystoreManager (org.apache.karaf.jaas.config.KeystoreManager)1 ConnectorServerFactory (org.apache.karaf.management.ConnectorServerFactory)1 JaasAuthenticator (org.apache.karaf.management.JaasAuthenticator)1 KarafMBeanServerGuard (org.apache.karaf.management.KarafMBeanServerGuard)1 MBeanServerFactory (org.apache.karaf.management.MBeanServerFactory)1 RmiRegistryFactory (org.apache.karaf.management.RmiRegistryFactory)1 ServiceReference (org.osgi.framework.ServiceReference)1 ConfigurationAdmin (org.osgi.service.cm.ConfigurationAdmin)1 ServiceTrackerCustomizer (org.osgi.util.tracker.ServiceTrackerCustomizer)1