1 /*
2 * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 4924664
27 * @summary Tests the use of the "jmx.remote.x.password.file" and
28 * "jmx.remote.x.access.file" environment map properties.
29 * @author Luis-Miguel Alventosa
30 * @run clean PasswordAccessFileTest SimpleStandard SimpleStandardMBean
31 * @run build PasswordAccessFileTest SimpleStandard SimpleStandardMBean
32 * @run main PasswordAccessFileTest
33 */
34
35 import java.io.File;
36 import java.util.HashMap;
37 import javax.management.Attribute;
38 import javax.management.MBeanServer;
39 import javax.management.MBeanServerConnection;
40 import javax.management.MBeanServerFactory;
41 import javax.management.MBeanServerInvocationHandler;
42 import javax.management.Notification;
43 import javax.management.NotificationListener;
44 import javax.management.ObjectName;
45 import javax.management.remote.JMXConnector;
46 import javax.management.remote.JMXConnectorFactory;
47 import javax.management.remote.JMXConnectorServer;
48 import javax.management.remote.JMXConnectorServerFactory;
49 import javax.management.remote.JMXServiceURL;
50
51 public class PasswordAccessFileTest {
52
53 public static void main(String[] args) {
54 try {
55 //------------------------------------------------------------------
56 // SERVER
57 //------------------------------------------------------------------
58
59 // Instantiate the MBean server
60 //
61 System.out.println("Create the MBean server");
62 MBeanServer mbs = MBeanServerFactory.createMBeanServer();
63
64 // Create SimpleStandard MBean
65 //
66 ObjectName mbeanName = new ObjectName("MBeans:type=SimpleStandard");
67 System.out.println("Create SimpleStandard MBean...");
68 mbs.createMBean("SimpleStandard", mbeanName, null, null);
69
70 // Server's environment map
71 //
72 System.out.println(">>> Initialize the server's environment map");
73 HashMap sEnv = new HashMap();
74
75 // Provide the password file used by the connector server to
76 // perform user authentication. The password file is a properties
77 // based text file specifying username/password pairs. This
78 // properties based password authenticator has been implemented
79 // using the JMXAuthenticator interface and is passed to the
80 // connector through the "jmx.remote.authenticator" property
81 // in the map.
82 //
83 // This property is implementation-dependent and might not be
84 // supported by all implementations of the JMX Remote API.
85 //
86 sEnv.put("jmx.remote.x.password.file",
87 System.getProperty("test.src") +
88 File.separator +
89 "password.properties");
90
91 // Provide the access level file used by the connector server to
92 // perform user authorization. The access level file is a properties
93 // based text file specifying username/access level pairs where
94 // access level is either "readonly" or "readwrite" access to the
95 // MBeanServer operations. This properties based access control
96 // checker has been implemented using the MBeanServerForwarder
97 // interface which wraps the real MBean server inside an access
98 // controller MBean server which performs the access control checks
99 // before forwarding the requests to the real MBean server.
100 //
101 // This property is implementation-dependent and might not be
102 // supported by all implementations of the JMX Remote API.
103 //
104 sEnv.put("jmx.remote.x.access.file",
105 System.getProperty("test.src") +
106 File.separator +
107 "access.properties");
108
109 // Create an RMI connector server
110 //
111 System.out.println("Create an RMI connector server");
112 JMXServiceURL url = new JMXServiceURL("service:jmx:rmi://");
113 JMXConnectorServer cs =
114 JMXConnectorServerFactory.newJMXConnectorServer(url, sEnv, mbs);
115
116 // Start the RMI connector server
117 //
118 System.out.println("Start the RMI connector server");
119 cs.start();
120 System.out.println("RMI connector server successfully started");
121 System.out.println("Waiting for incoming connections...");
122
123 //------------------------------------------------------------------
124 // CLIENT : Invalid authentication credentials
125 //------------------------------------------------------------------
126
127 final String invalidCreds[][] = {
128 {"admin1", "adminPassword"},
129 {"admin", "adminPassword1"},
130 {"user1", "userPassword"},
131 {"user", "userPassword1"}
132 };
133
134 // Try to connect to the server using the invalid credentials.
135 // All the connect calls should get SecurityException.
136 //
137 for (int i = 0 ; i < invalidCreds.length ; i++) {
138 // Client environment map
139 //
140 System.out.println(">>> Initialize the client environment map" +
141 " for user [" +
142 invalidCreds[i][0] +
143 "] with password [" +
144 invalidCreds[i][1] + "]");
145 HashMap cEnv = new HashMap();
146 cEnv.put("jmx.remote.credentials", invalidCreds[i]);
147
148 // Create an RMI connector client and
149 // connect it to the RMI connector server
150 //
151 System.out.println("Create an RMI connector client and " +
152 "connect it to the RMI connector server");
153 try {
154 JMXConnector jmxc =
155 JMXConnectorFactory.connect(cs.getAddress(), cEnv);
156 } catch (SecurityException e) {
157 System.out.println("Got expected security exception: " + e);
158 } catch (Exception e) {
159 System.out.println("Got unexpected exception: " + e);
160 e.printStackTrace();
161 System.exit(1);
162 }
163 }
164
165 //------------------------------------------------------------------
166 // CLIENT (admin)
167 //------------------------------------------------------------------
168
169 // Admin client environment map
170 //
171 String[] adminCreds = new String[] { "admin" , "adminPassword" };
172 System.out.println(">>> Initialize the client environment map for" +
173 " user [" + adminCreds[0] + "] with " +
174 "password [" + adminCreds[1] + "]");
175 HashMap adminEnv = new HashMap();
176 adminEnv.put("jmx.remote.credentials", adminCreds);
177
178 // Create an RMI connector client and
179 // connect it to the RMI connector server
180 //
181 System.out.println("Create an RMI connector client and " +
182 "connect it to the RMI connector server");
183 JMXConnector adminConnector =
184 JMXConnectorFactory.connect(cs.getAddress(), adminEnv);
185
186 // Get an MBeanServerConnection
187 //
188 System.out.println("Get an MBeanServerConnection");
189 MBeanServerConnection adminConnection =
190 adminConnector.getMBeanServerConnection();
191
192 // Get the proxy for the Simple MBean
193 //
194 SimpleStandardMBean adminProxy = (SimpleStandardMBean)
195 MBeanServerInvocationHandler.newProxyInstance(
196 adminConnection,
197 mbeanName,
198 SimpleStandardMBean.class,
199 false);
200
201 // Get State attribute
202 //
203 System.out.println("State = " + adminProxy.getState());
204
205 // Set State attribute
206 //
207 adminProxy.setState("changed state");
208
209 // Get State attribute
210 //
211 System.out.println("State = " + adminProxy.getState());
212
213 // Invoke "reset" in SimpleStandard MBean
214 //
215 System.out.println("Invoke reset() in SimpleStandard MBean...");
216 adminProxy.reset();
217
218 // Close MBeanServer connection
219 //
220 System.out.println("Close the admin connection to the server");
221 adminConnector.close();
222
223 //------------------------------------------------------------------
224 // CLIENT (user)
225 //------------------------------------------------------------------
226
227 // User client environment map
228 //
229 String[] userCreds = new String[] { "user" , "userPassword" };
230 System.out.println(">>> Initialize the client environment map for" +
231 " user [" + userCreds[0] + "] with " +
232 "password [" + userCreds[1] + "]");
233 HashMap userEnv = new HashMap();
234 userEnv.put("jmx.remote.credentials", userCreds);
235
236 // Create an RMI connector client and
237 // connect it to the RMI connector server
238 //
239 System.out.println("Create an RMI connector client and " +
240 "connect it to the RMI connector server");
241 JMXConnector userConnector =
242 JMXConnectorFactory.connect(cs.getAddress(), userEnv);
243
244 // Get an MBeanServerConnection
245 //
246 System.out.println("Get an MBeanServerConnection");
247 MBeanServerConnection userConnection =
248 userConnector.getMBeanServerConnection();
249
250 // Get the proxy for the Simple MBean
251 //
252 SimpleStandardMBean userProxy = (SimpleStandardMBean)
253 MBeanServerInvocationHandler.newProxyInstance(
254 userConnection,
255 mbeanName,
256 SimpleStandardMBean.class,
257 false);
258
259 // Get State attribute
260 //
261 System.out.println("State = " + userProxy.getState());
262
263 // Set State attribute
264 //
265 try {
266 userProxy.setState("changed state");
267 } catch (SecurityException e) {
268 System.out.println("Got expected security exception: " + e);
269 } catch (Exception e) {
270 System.out.println("Got unexpected exception: " + e);
271 e.printStackTrace();
272 System.exit(1);
273 }
274
275 // Get State attribute
276 //
277 System.out.println("State = " + userProxy.getState());
278
279 // Invoke "reset" in SimpleStandard MBean
280 //
281 try {
282 System.out.println("Invoke reset() in SimpleStandard MBean...");
283 userProxy.reset();
284 } catch (SecurityException e) {
285 System.out.println("Got expected security exception: " + e);
286 } catch (Exception e) {
287 System.out.println("Got unexpected exception: " + e);
288 e.printStackTrace();
289 System.exit(1);
290 }
291
292 // Close MBeanServer connection
293 //
294 System.out.println("Close the user connection to the server");
295 userConnector.close();
296
297 //------------------------------------------------------------------
298 // SERVER
299 //------------------------------------------------------------------
300
301 // Stop the connector server
302 //
303 System.out.println(">>> Stop the connector server");
304 cs.stop();
305
306 System.out.println("Bye! Bye!");
307 } catch (Exception e) {
308 System.out.println("Got unexpected exception: " + e);
309 e.printStackTrace();
310 System.exit(1);
311 }
312 }
313 }