GEODE-17: set up Shiro Security Manager in the DS and properly login and logout
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/96e69799 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/96e69799 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/96e69799 Branch: refs/heads/feature/GEODE-17-3 Commit: 96e69799aedb201fa65b410d1916323bf63d3da3 Parents: 5a6a636 Author: Jinmei Liao <jil...@pivotal.io> Authored: Tue Mar 29 15:16:26 2016 -0700 Committer: Jinmei Liao <jil...@pivotal.io> Committed: Tue Mar 29 15:16:26 2016 -0700 ---------------------------------------------------------------------- .../internal/InternalDistributedSystem.java | 81 ++++++++----- .../internal/cache/GemFireCacheImpl.java | 116 +++++++++---------- .../management/internal/ManagementAgent.java | 26 ++--- .../security/ManagementInterceptor.java | 8 +- .../gemfire/security/CustomAuthRealm.java | 36 +----- .../gemfire/security/JMXShiroAuthenticator.java | 63 ++++++++++ .../gemfire/tools/pulse/tests/Server.java | 2 +- 7 files changed, 187 insertions(+), 145 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystem.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystem.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystem.java index 8fc884a..0704b1e 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystem.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystem.java @@ -17,30 +17,6 @@ package com.gemstone.gemfire.distributed.internal; -import java.io.File; -import java.io.IOException; -import java.io.Reader; -import java.lang.reflect.Array; -import java.lang.reflect.Method; -import java.net.InetAddress; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashSet; -import java.util.Iterator; -import java.util.LinkedHashSet; -import java.util.List; -import java.util.Properties; -import java.util.Set; -import java.util.SortedSet; -import java.util.StringTokenizer; -import java.util.TreeSet; -import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.CopyOnWriteArrayList; -import java.util.concurrent.TimeUnit; -import java.util.concurrent.atomic.AtomicReference; - -import org.apache.logging.log4j.Logger; - import com.gemstone.gemfire.CancelCriterion; import com.gemstone.gemfire.CancelException; import com.gemstone.gemfire.ForcedDisconnectException; @@ -94,6 +70,7 @@ import com.gemstone.gemfire.internal.cache.execute.FunctionStats; import com.gemstone.gemfire.internal.cache.tier.sockets.HandShake; import com.gemstone.gemfire.internal.cache.xmlcache.CacheServerCreation; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; +import com.gemstone.gemfire.internal.lang.StringUtils; import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.logging.LogWriterFactory; @@ -108,7 +85,36 @@ import com.gemstone.gemfire.internal.tcp.ConnectionTable; import com.gemstone.gemfire.internal.util.concurrent.StoppableCondition; import com.gemstone.gemfire.internal.util.concurrent.StoppableReentrantLock; import com.gemstone.gemfire.management.ManagementException; +import com.gemstone.gemfire.security.CustomAuthRealm; import com.gemstone.gemfire.security.GemFireSecurityException; +import org.apache.logging.log4j.Logger; +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.config.IniSecurityManagerFactory; +import org.apache.shiro.mgt.DefaultSecurityManager; +import org.apache.shiro.mgt.SecurityManager; +import org.apache.shiro.realm.Realm; + +import java.io.File; +import java.io.IOException; +import java.io.Reader; +import java.lang.reflect.Array; +import java.lang.reflect.Method; +import java.net.InetAddress; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedHashSet; +import java.util.List; +import java.util.Properties; +import java.util.Set; +import java.util.SortedSet; +import java.util.StringTokenizer; +import java.util.TreeSet; +import java.util.concurrent.ConcurrentHashMap; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicReference; /** * The concrete implementation of {@link DistributedSystem} that @@ -275,12 +281,27 @@ public class InternalDistributedSystem InternalDataSerializer.checkSerializationVersion(); try { SystemFailure.startThreads(); - InternalDistributedSystem newSystem = new InternalDistributedSystem(config); - newSystem.initialize(); - reconnectAttemptCounter = 0; // reset reconnect count since we just got a new connection - notifyConnectListeners(newSystem); - success = true; - return newSystem; + InternalDistributedSystem newSystem = new InternalDistributedSystem(config); + newSystem.initialize(); + reconnectAttemptCounter = 0; // reset reconnect count since we just got a new connection + notifyConnectListeners(newSystem); + success = true; + + // setup shiro for authentication and authorization if it's desired + String shiroConfig = config.getProperty(DistributionConfig.SHIRO_INIT_NAME); + String customAuthenticator = config.getProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME); + if (!StringUtils.isBlank(shiroConfig)) { + IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:"+shiroConfig); + SecurityManager securityManager = factory.getInstance(); + SecurityUtils.setSecurityManager(securityManager); + } + else if (!StringUtils.isBlank(customAuthenticator)) { + Realm realm = new CustomAuthRealm(config); + DefaultSecurityManager securityManager = new DefaultSecurityManager(realm); + SecurityUtils.setSecurityManager(securityManager); + } + + return newSystem; } finally { if (!success) { LoggingThreadGroup.cleanUpThreadGroups(); // bug44365 - logwriters accumulate, causing mem leak http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/GemFireCacheImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/GemFireCacheImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/GemFireCacheImpl.java index 201acc0..08f81c3 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/GemFireCacheImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/GemFireCacheImpl.java @@ -17,65 +17,6 @@ package com.gemstone.gemfire.internal.cache; -import java.io.BufferedReader; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.OutputStreamWriter; -import java.io.PrintStream; -import java.io.Reader; -import java.io.StringBufferInputStream; -import java.io.StringWriter; -import java.io.Writer; -import java.lang.reflect.Method; -import java.net.InetSocketAddress; -import java.net.URL; -import java.net.UnknownHostException; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.LinkedHashSet; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Properties; -import java.util.ServiceLoader; -import java.util.Set; -import java.util.TreeMap; -import java.util.concurrent.ArrayBlockingQueue; -import java.util.concurrent.CancellationException; -import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.ConcurrentMap; -import java.util.concurrent.CopyOnWriteArrayList; -import java.util.concurrent.CopyOnWriteArraySet; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.Executor; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; -import java.util.concurrent.Future; -import java.util.concurrent.LinkedBlockingQueue; -import java.util.concurrent.RejectedExecutionException; -import java.util.concurrent.ThreadFactory; -import java.util.concurrent.ThreadPoolExecutor; -import java.util.concurrent.ThreadPoolExecutor.CallerRunsPolicy; -import java.util.concurrent.TimeUnit; -import java.util.concurrent.atomic.AtomicBoolean; -import java.util.concurrent.atomic.AtomicInteger; -import java.util.concurrent.atomic.AtomicReference; - -import javax.naming.Context; - -import org.apache.logging.log4j.Logger; - import com.gemstone.gemfire.CancelCriterion; import com.gemstone.gemfire.CancelException; import com.gemstone.gemfire.ForcedDisconnectException; @@ -240,6 +181,63 @@ import com.gemstone.gemfire.pdx.internal.TypeRegistry; import com.gemstone.gemfire.redis.GemFireRedisServer; import com.sun.jna.Native; import com.sun.jna.Platform; +import org.apache.logging.log4j.Logger; + +import javax.naming.Context; +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.OutputStream; +import java.io.OutputStreamWriter; +import java.io.PrintStream; +import java.io.Reader; +import java.io.StringBufferInputStream; +import java.io.StringWriter; +import java.io.Writer; +import java.lang.reflect.Method; +import java.net.InetSocketAddress; +import java.net.URL; +import java.net.UnknownHostException; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.LinkedHashSet; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Properties; +import java.util.ServiceLoader; +import java.util.Set; +import java.util.TreeMap; +import java.util.concurrent.ArrayBlockingQueue; +import java.util.concurrent.CancellationException; +import java.util.concurrent.ConcurrentHashMap; +import java.util.concurrent.ConcurrentMap; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.CopyOnWriteArraySet; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.Executor; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.Future; +import java.util.concurrent.LinkedBlockingQueue; +import java.util.concurrent.RejectedExecutionException; +import java.util.concurrent.ThreadFactory; +import java.util.concurrent.ThreadPoolExecutor; +import java.util.concurrent.ThreadPoolExecutor.CallerRunsPolicy; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicBoolean; +import java.util.concurrent.atomic.AtomicInteger; +import java.util.concurrent.atomic.AtomicReference; // @todo somebody Come up with more reasonable values for {@link #DEFAULT_LOCK_TIMEOUT}, etc. /** http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java index 2a57b90..277894d 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java @@ -16,7 +16,6 @@ */ package com.gemstone.gemfire.management.internal; -import com.gemstone.gemfire.cache.Cache; import com.gemstone.gemfire.cache.CacheFactory; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.DistributionManager; @@ -30,8 +29,8 @@ import com.gemstone.gemfire.management.ManagementException; import com.gemstone.gemfire.management.ManagementService; import com.gemstone.gemfire.management.ManagerMXBean; import com.gemstone.gemfire.management.internal.security.MBeanServerWrapper; -import com.gemstone.gemfire.management.internal.security.ManagementInterceptor; import com.gemstone.gemfire.management.internal.unsafe.ReadOpFileAccessController; +import com.gemstone.gemfire.security.JMXShiroAuthenticator; import org.apache.logging.log4j.Logger; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; @@ -81,6 +80,7 @@ public class ManagementAgent { private boolean running = false; private Registry registry; private JMXConnectorServer cs; + private JMXShiroAuthenticator shiroAuthenticator; private final DistributionConfig config; private boolean isHttpServiceRunning = false; @@ -150,6 +150,10 @@ public class ManagementAgent { logger.debug("Stopping jmx manager agent"); } try { + // log out the shiro user + if (shiroAuthenticator!=null) { + shiroAuthenticator.logout(); + } cs.stop(); UnicastRemoteObject.unexportObject(registry, true); } catch (IOException e) { @@ -385,22 +389,10 @@ public class ManagementAgent { // Environment map. KIRK: why is this declared as HashMap? final HashMap<String, Object> env = new HashMap<String, Object>(); - Cache cache = CacheFactory.getAnyInstance(); String shiroConfig = this.config.getShiroInit(); - - if (!StringUtils.isEmpty(shiroConfig)) { - Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:"+shiroConfig); - SecurityManager securityManager = factory.getInstance(); - SecurityUtils.setSecurityManager(securityManager); - // TODO: how do we use the security manager configured by the shiro.ini to do JMX authentication? - } - else if (isCustomAuthenticator()) { - Properties sysProps = cache.getDistributedSystem().getProperties(); - Realm realm = new CustomAuthRealm(sysProps); - SecurityManager securityManager = new DefaultSecurityManager(realm); - - SecurityUtils.setSecurityManager(securityManager); - env.put(JMXConnectorServer.AUTHENTICATOR, realm); + if (! StringUtils.isEmpty(shiroConfig) || isCustomAuthenticator()) { + shiroAuthenticator = new JMXShiroAuthenticator(); + env.put(JMXConnectorServer.AUTHENTICATOR, shiroAuthenticator); } else { /* Disable the old authenticator mechanism */ http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java index 639677b..ad67914 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java @@ -58,10 +58,6 @@ import static com.gemstone.gemfire.management.internal.security.ResourceConstant * */ public class ManagementInterceptor implements JMXAuthenticator { - - // FIXME: Merged from GEODE-17. Are they necessary? - public static final String USER_NAME = "security-username"; - public static final String PASSWORD = "security-password"; public static final String OBJECT_NAME_ACCESSCONTROL = "GemFire:service=AccessControl,type=Distributed"; private static final Logger logger = LogManager.getLogger(ManagementInterceptor.class); @@ -126,8 +122,8 @@ public class ManagementInterceptor implements JMXAuthenticator { final String[] aCredentials = (String[]) credentials; username = aCredentials[0]; password = aCredentials[1]; - pr.put(USER_NAME, username); - pr.put(PASSWORD, password); + pr.put(ResourceConstants.USER_NAME, username); + pr.put(ResourceConstants.PASSWORD, password); } else if (credentials instanceof Properties) { pr = (Properties) credentials; } else { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java b/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java index 8789d3c..29f34b0 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java @@ -20,10 +20,10 @@ import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.internal.ClassLoadUtil; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; import com.gemstone.gemfire.internal.lang.StringUtils; +import com.gemstone.gemfire.management.internal.security.ResourceConstants; import com.gemstone.gemfire.management.internal.security.ResourceOperationContext; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; @@ -34,7 +34,6 @@ import org.apache.shiro.authz.Permission; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; -import javax.management.remote.JMXAuthenticator; import javax.management.remote.JMXPrincipal; import javax.security.auth.Subject; import java.lang.reflect.Method; @@ -47,12 +46,9 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; import static com.gemstone.gemfire.management.internal.security.ResourceConstants.ACCESS_DENIED_MESSAGE; -import static com.gemstone.gemfire.management.internal.security.ResourceConstants.WRONGE_CREDENTIALS_MESSAGE; -public class CustomAuthRealm extends AuthorizingRealm implements JMXAuthenticator { +public class CustomAuthRealm extends AuthorizingRealm{ public static final String REALM_NAME = "CUSTOMAUTHREALM"; - public static final String USER_NAME = "security-username"; - public static final String PASSWORD = "security-password"; private static final Logger logger = LogManager.getLogger(CustomAuthRealm.class); private String authzFactoryName; @@ -81,8 +77,8 @@ public class CustomAuthRealm extends AuthorizingRealm implements JMXAuthenticato String password = new String(authToken.getPassword()); Properties credentialProps = new Properties(); - credentialProps.put(USER_NAME, username); - credentialProps.put(PASSWORD, password); + credentialProps.put(ResourceConstants.USER_NAME, username); + credentialProps.put(ResourceConstants.PASSWORD, password); Principal principal = getAuthenticator(securityProps).authenticate(credentialProps); @@ -105,30 +101,6 @@ public class CustomAuthRealm extends AuthorizingRealm implements JMXAuthenticato return accessControl.authorizeOperation(null, context); } - - @Override - public Subject authenticate(Object credentials) { - String username = null, password = null; - if (credentials instanceof String[]) { - final String[] aCredentials = (String[]) credentials; - username = aCredentials[0]; - password = aCredentials[1]; - } else if (credentials instanceof Properties) { - username = ((Properties) credentials).getProperty(USER_NAME); - password = ((Properties) credentials).getProperty(PASSWORD); - } else { - throw new SecurityException(WRONGE_CREDENTIALS_MESSAGE); - } - - AuthenticationToken token = - new UsernamePasswordToken(username, password); - org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject(); - currentUser.login(token); - - // we are not using JMX mechanism to do authentication, therefore, this return value does not matter - return null; - } - public AccessControl getAccessControl(Principal principal, boolean isPost) { if (!isPost) { if (cachedAuthZCallback.containsKey(principal)) { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java new file mode 100644 index 0000000..ba76c16 --- /dev/null +++ b/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gemstone.gemfire.security; + +import com.gemstone.gemfire.management.internal.security.ResourceConstants; +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.authc.AuthenticationToken; +import org.apache.shiro.authc.UsernamePasswordToken; + +import javax.management.remote.JMXAuthenticator; +import javax.security.auth.Subject; +import java.util.Properties; + +import static com.gemstone.gemfire.management.internal.security.ResourceConstants.WRONGE_CREDENTIALS_MESSAGE; + +/** + * this will make JMX authentication to use Shiro for Authentication + */ + +public class JMXShiroAuthenticator implements JMXAuthenticator { + + @Override + public Subject authenticate(Object credentials) { + String username = null, password = null; + if (credentials instanceof String[]) { + final String[] aCredentials = (String[]) credentials; + username = aCredentials[0]; + password = aCredentials[1]; + } else if (credentials instanceof Properties) { + username = ((Properties) credentials).getProperty(ResourceConstants.USER_NAME); + password = ((Properties) credentials).getProperty(ResourceConstants.PASSWORD); + } else { + throw new SecurityException(WRONGE_CREDENTIALS_MESSAGE); + } + + AuthenticationToken token = + new UsernamePasswordToken(username, password); + org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject(); + currentUser.login(token); + + // we are not using JMX mechanism to do authentication, therefore, this return value does not matter + return null; + } + + public void logout(){ + org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject(); + currentUser.logout(); + } +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/96e69799/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java ---------------------------------------------------------------------- diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java index 970eb34..436b6b8 100644 --- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java +++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java @@ -71,7 +71,7 @@ public class Server { ManagementInterceptor interceptor = new ManagementInterceptor(props); env.put(JMXConnectorServer.AUTHENTICATOR, interceptor); cs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs); - cs.setMBeanServerForwarder(new MBeanServerWrapper(interceptor)); + cs.setMBeanServerForwarder(new MBeanServerWrapper()); } else { System.setProperty("spring.profiles.active", "pulse.authentication.default"); cs = JMXConnectorServerFactory.newJMXConnectorServer(url, null, mbs);