< prev index next >
src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
Print this page
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -70,14 +70,13 @@
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;
import javax.security.auth.Subject;
-
import com.sun.jmx.remote.internal.rmi.RMIExporter;
+import com.sun.jmx.remote.security.HashedPasswordManager;
import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-
import jdk.internal.agent.Agent;
import jdk.internal.agent.AgentConfigurationError;
import static jdk.internal.agent.AgentConfigurationError.*;
import jdk.internal.agent.ConnectorAddressLink;
import jdk.internal.agent.FileSystem;
@@ -101,10 +100,11 @@
public static final String USE_SSL = "true";
public static final String USE_LOCAL_ONLY = "true";
public static final String USE_REGISTRY_SSL = "false";
public static final String USE_AUTHENTICATION = "true";
public static final String PASSWORD_FILE_NAME = "jmxremote.password";
+ public static final String HASH_PASSWORDS = "true";
public static final String ACCESS_FILE_NAME = "jmxremote.access";
public static final String SSL_NEED_CLIENT_AUTH = "false";
}
/**
@@ -128,10 +128,12 @@
"com.sun.management.jmxremote.registry.ssl";
public static final String USE_AUTHENTICATION =
"com.sun.management.jmxremote.authenticate";
public static final String PASSWORD_FILE_NAME =
"com.sun.management.jmxremote.password.file";
+ public static final String HASH_PASSWORDS
+ = "com.sun.management.jmxremote.password.hashpasswords";
public static final String ACCESS_FILE_NAME =
"com.sun.management.jmxremote.access.file";
public static final String LOGIN_CONFIG_NAME =
"com.sun.management.jmxremote.login.config";
public static final String SSL_ENABLED_CIPHER_SUITES =
@@ -408,10 +410,11 @@
final String sslConfigFileName =
props.getProperty(PropertyNames.SSL_CONFIG_FILE_NAME);
String loginConfigName = null;
String passwordFileName = null;
+ boolean shouldHashPasswords = true;
String accessFileName = null;
// Initialize settings when authentication is active
if (useAuthentication) {
@@ -422,10 +425,15 @@
if (loginConfigName == null) {
// Get password file
passwordFileName =
props.getProperty(PropertyNames.PASSWORD_FILE_NAME,
getDefaultFileName(DefaultValues.PASSWORD_FILE_NAME));
+ String hashPasswords
+ = props.getProperty(PropertyNames.HASH_PASSWORDS,
+ DefaultValues.HASH_PASSWORDS);
+ shouldHashPasswords = Boolean.parseBoolean(hashPasswords);
+
checkPasswordFile(passwordFileName);
}
// Get access file
accessFileName = props.getProperty(PropertyNames.ACCESS_FILE_NAME,
@@ -469,11 +477,11 @@
final JMXConnectorServerData data = exportMBeanServer(
mbs, port, rmiPort, useSsl, useRegistrySsl,
sslConfigFileName, enabledCipherSuitesList,
enabledProtocolsList, sslNeedClientAuth,
useAuthentication, loginConfigName,
- passwordFileName, accessFileName, bindAddress);
+ passwordFileName, shouldHashPasswords, accessFileName, bindAddress);
cs = data.jmxConnectorServer;
url = data.jmxRemoteURL;
config("startRemoteConnectorServer",
Agent.getText("jmxremote.ConnectorBootstrap.ready",
url.toString()));
@@ -726,10 +734,11 @@
String[] enabledProtocols,
boolean sslNeedClientAuth,
boolean useAuthentication,
String loginConfigName,
String passwordFileName,
+ boolean shouldHashPasswords,
String accessFileName,
String bindAddress)
throws IOException, MalformedURLException {
/* Make sure we use non-guessable RMI object IDs. Otherwise
@@ -755,10 +764,13 @@
env.put("jmx.remote.x.login.config", loginConfigName);
}
if (passwordFileName != null) {
env.put("jmx.remote.x.password.file", passwordFileName);
}
+ if (shouldHashPasswords) {
+ env.put("jmx.remote.x.password.hashpasswords", "true");
+ }
env.put("jmx.remote.x.access.file", accessFileName);
if (env.get("jmx.remote.x.password.file") != null ||
env.get("jmx.remote.x.login.config") != null) {
< prev index next >