1 /* 2 * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 6261831 27 * @summary Tests the use of the subject delegation feature in the 28 * RMI connector 29 * @author Luis-Miguel Alventosa 30 * @run clean SubjectDelegation1Test SimpleStandard SimpleStandardMBean 31 * @run build SubjectDelegation1Test SimpleStandard SimpleStandardMBean 32 * @run main SubjectDelegation1Test policy11 ok 33 * @run main SubjectDelegation1Test policy12 ko 34 * @run main SubjectDelegation1Test policy13 ko 35 * @run main SubjectDelegation1Test policy14 ko 36 * @run main SubjectDelegation1Test policy15 ok 37 * @run main SubjectDelegation1Test policy16 ko 38 */ 39 40 import com.sun.jmx.remote.security.JMXPluggableAuthenticator; 41 import java.io.File; 42 import java.lang.management.ManagementFactory; 43 import java.rmi.RemoteException; 44 import java.rmi.registry.LocateRegistry; 45 import java.rmi.registry.Registry; 46 import java.util.Collections; 47 import java.util.HashMap; 48 import java.util.Properties; 49 import javax.management.Attribute; 50 import javax.management.MBeanServer; 51 import javax.management.MBeanServerConnection; 52 import javax.management.Notification; 53 import javax.management.NotificationListener; 54 import javax.management.ObjectName; 55 import javax.management.remote.JMXConnector; 56 import javax.management.remote.JMXConnectorFactory; 57 import javax.management.remote.JMXConnectorServer; 58 import javax.management.remote.JMXConnectorServerFactory; 59 import javax.management.remote.JMXPrincipal; 60 import javax.management.remote.JMXServiceURL; 61 import javax.security.auth.Subject; 62 63 public class SubjectDelegation1Test { 64 65 public static void main(String[] args) throws Exception { 66 // Check for supported operating systems: Solaris 67 // 68 // This test runs only on Solaris due to CR 6285916 69 // 70 String osName = System.getProperty("os.name"); 71 System.out.println("os.name = " + osName); 72 if (!osName.equals("SunOS")) { 73 System.out.println("This test runs on Solaris only."); 74 System.out.println("Bye! Bye!"); 75 return; 76 } 77 String policyFile = args[0]; 78 String testResult = args[1]; 79 System.out.println("Policy file = " + policyFile); 80 System.out.println("Expected test result = " + testResult); 81 JMXConnectorServer jmxcs = null; 82 JMXConnector jmxc = null; 83 try { 84 // Create an RMI registry 85 // 86 System.out.println("Start RMI registry..."); 87 Registry reg = null; 88 int port = 5800; 89 while (port++ < 6000) { 90 try { 91 reg = LocateRegistry.createRegistry(port); 92 System.out.println("RMI registry running on port " + port); 93 break; 94 } catch (RemoteException e) { 95 // Failed to create RMI registry... 96 System.out.println("Failed to create RMI registry " + 97 "on port " + port); 98 } 99 } 100 if (reg == null) { 101 System.exit(1); 102 } 103 // Set the default password file 104 // 105 final String passwordFile = System.getProperty("test.src") + 106 File.separator + "jmxremote.password"; 107 System.out.println("Password file = " + passwordFile); 108 // Set policy file 109 // 110 final String policy = System.getProperty("test.src") + 111 File.separator + policyFile; 112 System.out.println("PolicyFile = " + policy); 113 System.setProperty("java.security.policy", policy); 114 // Instantiate the MBean server 115 // 116 System.out.println("Create the MBean server"); 117 MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); 118 // Register the SimpleStandardMBean 119 // 120 System.out.println("Create SimpleStandard MBean"); 121 SimpleStandard s = new SimpleStandard("delegate"); 122 mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard")); 123 // Create Properties containing the username/password entries 124 // 125 Properties props = new Properties(); 126 props.setProperty("jmx.remote.x.password.file", passwordFile); 127 // Initialize environment map to be passed to the connector server 128 // 129 System.out.println("Initialize environment map"); 130 HashMap env = new HashMap(); 131 env.put("jmx.remote.authenticator", 132 new JMXPluggableAuthenticator(props)); 133 // Create an RMI connector server 134 // 135 System.out.println("Create an RMI connector server"); 136 JMXServiceURL url = 137 new JMXServiceURL("rmi", null, 0, 138 "/jndi/rmi://:" + port + "/server" + port); 139 jmxcs = 140 JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs); 141 jmxcs.start(); 142 // Create an RMI connector client 143 // 144 System.out.println("Create an RMI connector client"); 145 HashMap cli_env = new HashMap(); 146 // These credentials must match those in the default password file 147 // 148 String[] credentials = new String[] { "monitorRole" , "QED" }; 149 cli_env.put("jmx.remote.credentials", credentials); 150 jmxc = JMXConnectorFactory.connect(url, cli_env); 151 Subject delegationSubject = 152 new Subject(true, 153 Collections.singleton(new JMXPrincipal("delegate")), 154 Collections.EMPTY_SET, 155 Collections.EMPTY_SET); 156 MBeanServerConnection mbsc = 157 jmxc.getMBeanServerConnection(delegationSubject); 158 // Get domains from MBeanServer 159 // 160 System.out.println("Domains:"); 161 String domains[] = mbsc.getDomains(); 162 for (int i = 0; i < domains.length; i++) { 163 System.out.println("\tDomain[" + i + "] = " + domains[i]); 164 } 165 // Get MBean count 166 // 167 System.out.println("MBean count = " + mbsc.getMBeanCount()); 168 // Get State attribute 169 // 170 String oldState = 171 (String) mbsc.getAttribute( 172 new ObjectName("MBeans:type=SimpleStandard"), 173 "State"); 174 System.out.println("Old State = \"" + oldState + "\""); 175 // Set State attribute 176 // 177 System.out.println("Set State to \"changed state\""); 178 mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"), 179 new Attribute("State", "changed state")); 180 // Get State attribute 181 // 182 String newState = 183 (String) mbsc.getAttribute( 184 new ObjectName("MBeans:type=SimpleStandard"), 185 "State"); 186 System.out.println("New State = \"" + newState + "\""); 187 if (!newState.equals("changed state")) { 188 System.out.println("Invalid State = \"" + newState + "\""); 189 System.exit(1); 190 } 191 // Add notification listener on SimpleStandard MBean 192 // 193 System.out.println("Add notification listener..."); 194 mbsc.addNotificationListener( 195 new ObjectName("MBeans:type=SimpleStandard"), 196 new NotificationListener() { 197 public void handleNotification(Notification notification, 198 Object handback) { 199 System.out.println("Received notification: " + 200 notification); 201 } 202 }, 203 null, 204 null); 205 // Unregister SimpleStandard MBean 206 // 207 System.out.println("Unregister SimpleStandard MBean..."); 208 mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard")); 209 } catch (SecurityException e) { 210 if (testResult.equals("ko")) { 211 System.out.println("Got expected security exception = " + e); 212 } else { 213 System.out.println("Got unexpected security exception = " + e); 214 e.printStackTrace(); 215 throw e; 216 } 217 } catch (Exception e) { 218 System.out.println("Unexpected exception caught = " + e); 219 e.printStackTrace(); 220 throw e; 221 } finally { 222 // Close connector client 223 // 224 if (jmxc != null) 225 jmxc.close(); 226 // Stop connector server 227 // 228 if (jmxcs != null) 229 jmxcs.stop(); 230 // Say goodbye 231 // 232 System.out.println("Bye! Bye!"); 233 } 234 } 235 }