1 /*
2 * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 6261831
27 * @summary Tests the use of the subject delegation feature in the
28 * RMI connector
29 * @author Luis-Miguel Alventosa
30 * @run clean SubjectDelegation1Test SimpleStandard SimpleStandardMBean
31 * @run build SubjectDelegation1Test SimpleStandard SimpleStandardMBean
32 * @run main SubjectDelegation1Test policy11 ok
33 * @run main SubjectDelegation1Test policy12 ko
34 * @run main SubjectDelegation1Test policy13 ko
35 * @run main SubjectDelegation1Test policy14 ko
36 * @run main SubjectDelegation1Test policy15 ok
37 * @run main SubjectDelegation1Test policy16 ko
38 */
39
40 import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
41 import java.io.File;
42 import java.lang.management.ManagementFactory;
43 import java.rmi.RemoteException;
44 import java.rmi.registry.LocateRegistry;
45 import java.rmi.registry.Registry;
46 import java.util.Collections;
47 import java.util.HashMap;
48 import java.util.Properties;
49 import javax.management.Attribute;
50 import javax.management.MBeanServer;
51 import javax.management.MBeanServerConnection;
52 import javax.management.Notification;
53 import javax.management.NotificationListener;
54 import javax.management.ObjectName;
55 import javax.management.remote.JMXConnector;
56 import javax.management.remote.JMXConnectorFactory;
57 import javax.management.remote.JMXConnectorServer;
58 import javax.management.remote.JMXConnectorServerFactory;
59 import javax.management.remote.JMXPrincipal;
60 import javax.management.remote.JMXServiceURL;
61 import javax.security.auth.Subject;
62
63 public class SubjectDelegation1Test {
64
65 public static void main(String[] args) throws Exception {
66 // Check for supported operating systems: Solaris
67 //
68 // This test runs only on Solaris due to CR 6285916
69 //
70 String osName = System.getProperty("os.name");
71 System.out.println("os.name = " + osName);
72 if (!osName.equals("SunOS")) {
73 System.out.println("This test runs on Solaris only.");
74 System.out.println("Bye! Bye!");
75 return;
76 }
77 String policyFile = args[0];
78 String testResult = args[1];
79 System.out.println("Policy file = " + policyFile);
80 System.out.println("Expected test result = " + testResult);
81 JMXConnectorServer jmxcs = null;
82 JMXConnector jmxc = null;
83 try {
84 // Create an RMI registry
85 //
86 System.out.println("Start RMI registry...");
87 Registry reg = null;
88 int port = 5800;
89 while (port++ < 6000) {
90 try {
91 reg = LocateRegistry.createRegistry(port);
92 System.out.println("RMI registry running on port " + port);
93 break;
94 } catch (RemoteException e) {
95 // Failed to create RMI registry...
96 System.out.println("Failed to create RMI registry " +
97 "on port " + port);
98 }
99 }
100 if (reg == null) {
101 System.exit(1);
102 }
103 // Set the default password file
104 //
105 final String passwordFile = System.getProperty("test.src") +
106 File.separator + "jmxremote.password";
107 System.out.println("Password file = " + passwordFile);
108 // Set policy file
109 //
110 final String policy = System.getProperty("test.src") +
111 File.separator + policyFile;
112 System.out.println("PolicyFile = " + policy);
113 System.setProperty("java.security.policy", policy);
114 // Instantiate the MBean server
115 //
116 System.out.println("Create the MBean server");
117 MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
118 // Register the SimpleStandardMBean
119 //
120 System.out.println("Create SimpleStandard MBean");
121 SimpleStandard s = new SimpleStandard("delegate");
122 mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));
123 // Create Properties containing the username/password entries
124 //
125 Properties props = new Properties();
126 props.setProperty("jmx.remote.x.password.file", passwordFile);
127 // Initialize environment map to be passed to the connector server
128 //
129 System.out.println("Initialize environment map");
130 HashMap env = new HashMap();
131 env.put("jmx.remote.authenticator",
132 new JMXPluggableAuthenticator(props));
133 // Create an RMI connector server
134 //
135 System.out.println("Create an RMI connector server");
136 JMXServiceURL url =
137 new JMXServiceURL("rmi", null, 0,
138 "/jndi/rmi://:" + port + "/server" + port);
139 jmxcs =
140 JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
141 jmxcs.start();
142 // Create an RMI connector client
143 //
144 System.out.println("Create an RMI connector client");
145 HashMap cli_env = new HashMap();
146 // These credentials must match those in the default password file
147 //
148 String[] credentials = new String[] { "monitorRole" , "QED" };
149 cli_env.put("jmx.remote.credentials", credentials);
150 jmxc = JMXConnectorFactory.connect(url, cli_env);
151 Subject delegationSubject =
152 new Subject(true,
153 Collections.singleton(new JMXPrincipal("delegate")),
154 Collections.EMPTY_SET,
155 Collections.EMPTY_SET);
156 MBeanServerConnection mbsc =
157 jmxc.getMBeanServerConnection(delegationSubject);
158 // Get domains from MBeanServer
159 //
160 System.out.println("Domains:");
161 String domains[] = mbsc.getDomains();
162 for (int i = 0; i < domains.length; i++) {
163 System.out.println("\tDomain[" + i + "] = " + domains[i]);
164 }
165 // Get MBean count
166 //
167 System.out.println("MBean count = " + mbsc.getMBeanCount());
168 // Get State attribute
169 //
170 String oldState =
171 (String) mbsc.getAttribute(
172 new ObjectName("MBeans:type=SimpleStandard"),
173 "State");
174 System.out.println("Old State = \"" + oldState + "\"");
175 // Set State attribute
176 //
177 System.out.println("Set State to \"changed state\"");
178 mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),
179 new Attribute("State", "changed state"));
180 // Get State attribute
181 //
182 String newState =
183 (String) mbsc.getAttribute(
184 new ObjectName("MBeans:type=SimpleStandard"),
185 "State");
186 System.out.println("New State = \"" + newState + "\"");
187 if (!newState.equals("changed state")) {
188 System.out.println("Invalid State = \"" + newState + "\"");
189 System.exit(1);
190 }
191 // Add notification listener on SimpleStandard MBean
192 //
193 System.out.println("Add notification listener...");
194 mbsc.addNotificationListener(
195 new ObjectName("MBeans:type=SimpleStandard"),
196 new NotificationListener() {
197 public void handleNotification(Notification notification,
198 Object handback) {
199 System.out.println("Received notification: " +
200 notification);
201 }
202 },
203 null,
204 null);
205 // Unregister SimpleStandard MBean
206 //
207 System.out.println("Unregister SimpleStandard MBean...");
208 mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));
209 } catch (SecurityException e) {
210 if (testResult.equals("ko")) {
211 System.out.println("Got expected security exception = " + e);
212 } else {
213 System.out.println("Got unexpected security exception = " + e);
214 e.printStackTrace();
215 throw e;
216 }
217 } catch (Exception e) {
218 System.out.println("Unexpected exception caught = " + e);
219 e.printStackTrace();
220 throw e;
221 } finally {
222 // Close connector client
223 //
224 if (jmxc != null)
225 jmxc.close();
226 // Stop connector server
227 //
228 if (jmxcs != null)
229 jmxcs.stop();
230 // Say goodbye
231 //
232 System.out.println("Bye! Bye!");
233 }
234 }
235 }