Repository: karaf Updated Branches: refs/heads/karaf-2.x ec094691f -> 5c911ea14
[KARAF-3147] Remove the KarafMBeanServerBuilder and refactore the guard interception Project: http://git-wip-us.apache.org/repos/asf/karaf/repo Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/5c911ea1 Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/5c911ea1 Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/5c911ea1 Branch: refs/heads/karaf-2.x Commit: 5c911ea14aaef83d9f626955a5603243622bfe0e Parents: ec09469 Author: Jean-Baptiste Onofré <[email protected]> Authored: Mon May 11 10:29:30 2015 +0200 Committer: Jean-Baptiste Onofré <[email protected]> Committed: Mon May 11 10:29:30 2015 +0200 ---------------------------------------------------------------------- .../karaf/admin/internal/AdminServiceImpl.java | 1 - assemblies/apache-karaf/pom.xml | 6 - .../src/main/distribution/unix-shell/bin/karaf | 2 +- .../distribution/windows-text/bin/karaf.bat | 2 +- .../filtered-resources/etc/config.properties | 7 +- .../apache/karaf/itests/JMXSecurityTest.java | 1 - management/boot/NOTICE | 71 ------- management/boot/pom.xml | 64 ------ .../boot/KarafMBeanServerBuilder.java | 86 -------- .../src/main/resources/OSGI-INF/bundle.info | 17 -- .../boot/KarafMBeanServerBuilderTest.java | 179 ---------------- management/pom.xml | 1 - management/server/pom.xml | 5 - .../management/ConnectorServerFactory.java | 16 +- .../karaf/management/KarafMBeanServerGuard.java | 7 - .../internal/JMXSecurityMBeanImpl.java | 13 +- .../internal/MBeanInvocationHandler.java | 66 ++++++ .../OSGI-INF/blueprint/karaf-management.xml | 4 +- .../internal/JMXSecurityMBeanImplTestCase.java | 212 ++++++++----------- pom.xml | 5 - .../karaf/shell/wrapper/unix/karaf-wrapper.conf | 12 +- .../shell/wrapper/windows/karaf-wrapper.conf | 12 +- .../shell/wrapper/windows64/karaf-wrapper.conf | 12 +- 23 files changed, 200 insertions(+), 601 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/admin/core/src/main/java/org/apache/karaf/admin/internal/AdminServiceImpl.java ---------------------------------------------------------------------- diff --git a/admin/core/src/main/java/org/apache/karaf/admin/internal/AdminServiceImpl.java b/admin/core/src/main/java/org/apache/karaf/admin/internal/AdminServiceImpl.java index 45fd465..4d3d9fb 100644 --- a/admin/core/src/main/java/org/apache/karaf/admin/internal/AdminServiceImpl.java +++ b/admin/core/src/main/java/org/apache/karaf/admin/internal/AdminServiceImpl.java @@ -424,7 +424,6 @@ public class AdminServiceImpl implements AdminService { + "\" " + opts + " " + karafOpts + " -Djava.util.logging.config.file=\"" + new File(location, "etc/java.util.logging.properties").getCanonicalPath() + "\"" - + " -Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder" + " -Djava.endorsed.dirs=\"" + new File(new File(new File(System.getProperty("java.home"), "jre"), "lib"), "endorsed") + System.getProperty("path.separator") + new File(new File(System.getProperty("java.home"), "lib"), "endorsed") + System.getProperty("path.separator") + new File(libDir, "endorsed").getCanonicalPath() + "\"" + " -Djava.ext.dirs=\"" + new File(new File(new File(System.getProperty("java.home"), "jre"), "lib"), "ext") + System.getProperty("path.separator") + new File(new File(System.getProperty("java.home"), "lib"), "ext") + System.getProperty("path.separator") + new File(libDir, "ext").getCanonicalPath() + "\"" + " -Dkaraf.home=\"" + System.getProperty("karaf.home") + "\"" http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/assemblies/apache-karaf/pom.xml ---------------------------------------------------------------------- diff --git a/assemblies/apache-karaf/pom.xml b/assemblies/apache-karaf/pom.xml index db7c549..f4d89d9 100644 --- a/assemblies/apache-karaf/pom.xml +++ b/assemblies/apache-karaf/pom.xml @@ -530,12 +530,6 @@ <outputDirectory>target/dependencies/lib</outputDirectory> <destFileName>karaf-jaas-boot.jar</destFileName> </artifactItem> - <artifactItem> - <groupId>org.apache.karaf.management</groupId> - <artifactId>org.apache.karaf.management.boot</artifactId> - <outputDirectory>target/dependencies/lib</outputDirectory> - <destFileName>karaf-jmx-boot.jar</destFileName> - </artifactItem> </artifactItems> </configuration> </execution> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf ---------------------------------------------------------------------- diff --git a/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf b/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf index ad09404..f0a3f4c 100755 --- a/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf +++ b/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf @@ -401,7 +401,7 @@ run() { fi cd "$KARAF_BASE" - exec "$JAVA" $JAVA_OPTS -Djava.endorsed.dirs="${JAVA_ENDORSED_DIRS}" -Djava.ext.dirs="${JAVA_EXT_DIRS}" -Dkaraf.instances="${KARAF_HOME}/instances" -Dkaraf.home="$KARAF_HOME" -Dkaraf.base="$KARAF_BASE" -Dkaraf.data="$KARAF_DATA" -Dkaraf.etc="$KARAF_ETC" -Djava.io.tmpdir="$KARAF_DATA/tmp" -Djava.util.logging.config.file="$KARAF_ETC/java.util.logging.properties" -Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder $KARAF_OPTS $OPTS -classpath "$CLASSPATH" $MAIN "$@" + exec "$JAVA" $JAVA_OPTS -Djava.endorsed.dirs="${JAVA_ENDORSED_DIRS}" -Djava.ext.dirs="${JAVA_EXT_DIRS}" -Dkaraf.instances="${KARAF_HOME}/instances" -Dkaraf.home="$KARAF_HOME" -Dkaraf.base="$KARAF_BASE" -Dkaraf.data="$KARAF_DATA" -Dkaraf.etc="$KARAF_ETC" -Djava.io.tmpdir="$KARAF_DATA/tmp" -Djava.util.logging.config.file="$KARAF_ETC/java.util.logging.properties" $KARAF_OPTS $OPTS -classpath "$CLASSPATH" $MAIN "$@" } main() { http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/assemblies/apache-karaf/src/main/distribution/windows-text/bin/karaf.bat ---------------------------------------------------------------------- diff --git a/assemblies/apache-karaf/src/main/distribution/windows-text/bin/karaf.bat b/assemblies/apache-karaf/src/main/distribution/windows-text/bin/karaf.bat index 81bebc6..8df5c93 100755 --- a/assemblies/apache-karaf/src/main/distribution/windows-text/bin/karaf.bat +++ b/assemblies/apache-karaf/src/main/distribution/windows-text/bin/karaf.bat @@ -328,7 +328,7 @@ if "%KARAF_PROFILER%" == "" goto :RUN SET ARGS=%1 %2 %3 %4 %5 %6 %7 %8 rem Execute the Java Virtual Machine cd %KARAF_BASE% - "%JAVA%" %JAVA_OPTS% %OPTS% -classpath "%CLASSPATH%" -Djava.endorsed.dirs="%JAVA_HOME%\jre\lib\endorsed;%JAVA_HOME%\lib\endorsed;%KARAF_HOME%\lib\endorsed" -Djava.ext.dirs="%JAVA_HOME%\jre\lib\ext;%JAVA_HOME%\lib\ext;%KARAF_HOME%\lib\ext" -Dkaraf.instances="%KARAF_HOME%\instances" -Dkaraf.home="%KARAF_HOME%" -Dkaraf.base="%KARAF_BASE%" -Djava.io.tmpdir="%KARAF_DATA%\tmp" -Dkaraf.data="%KARAF_DATA%" -Dkaraf.etc="%KARAF_ETC%" -Djava.util.logging.config.file="%KARAF_ETC%\java.util.logging.properties" -Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder %KARAF_OPTS% %MAIN% %ARGS% + "%JAVA%" %JAVA_OPTS% %OPTS% -classpath "%CLASSPATH%" -Djava.endorsed.dirs="%JAVA_HOME%\jre\lib\endorsed;%JAVA_HOME%\lib\endorsed;%KARAF_HOME%\lib\endorsed" -Djava.ext.dirs="%JAVA_HOME%\jre\lib\ext;%JAVA_HOME%\lib\ext;%KARAF_HOME%\lib\ext" -Dkaraf.instances="%KARAF_HOME%\instances" -Dkaraf.home="%KARAF_HOME%" -Dkaraf.base="%KARAF_BASE%" -Djava.io.tmpdir="%KARAF_DATA%\tmp" -Dkaraf.data="%KARAF_DATA%" -Dkaraf.etc="%KARAF_ETC%" -Djava.util.logging.config.file="%KARAF_ETC%\java.util.logging.properties" %KARAF_OPTS% %MAIN% %ARGS% rem # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/assemblies/apache-karaf/src/main/filtered-resources/etc/config.properties ---------------------------------------------------------------------- diff --git a/assemblies/apache-karaf/src/main/filtered-resources/etc/config.properties b/assemblies/apache-karaf/src/main/filtered-resources/etc/config.properties index 466e010..f49a2c9 100644 --- a/assemblies/apache-karaf/src/main/filtered-resources/etc/config.properties +++ b/assemblies/apache-karaf/src/main/filtered-resources/etc/config.properties @@ -73,7 +73,6 @@ org.osgi.framework.system.packages= \ org.osgi.util.tracker;uses:="org.osgi.framework";version="1.5.1", \ org.apache.karaf.jaas.boot;version="${karaf.osgi.version}", \ org.apache.karaf.jaas.boot.principal;version="${karaf.osgi.version}", \ - org.apache.karaf.management.boot;version="${karaf.osgi.version}", \ org.apache.karaf.version;version="${karaf.osgi.version}", \ org.apache.karaf.diagnostic.core;version="${karaf.osgi.version}", \ ${jre-${java.specification.version}} @@ -146,19 +145,19 @@ eecap-1.2= osgi.ee; osgi.ee="OSGi/Minimum"; version:List<Version>="1.0,1.1", \ # # javax.transaction is needed to avoid class loader constraint violation when using javax.sql # -org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,org.apache.karaf.management.boot,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom +org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom # jVisualVM support # in order to use Karaf with jvisualvm, the org.osgi.framework.bootdelegation property has to contain the org.netbeans.lib.profiler.server package # and, so, it should look like: # -# org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,org.apache.karaf.jaas.boot.principal,org.apache.karaf.management.boot,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom,org.netbeans.lib.profiler.server +# org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,org.apache.karaf.jaas.boot.principal,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom,org.netbeans.lib.profiler.server # # YourKit support # in order to use Karaf with YourKit, the org.osgi.framework.bootdelegation property has to contain the com.yourkit.* packages # and, so, it should look like: # -# org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,org.apache.karaf.jaas.boot.principal,org.apache.karaf.management.boot,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom,com.yourkit.* +# org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,org.apache.karaf.jaas.boot.principal,sun.*,com.sun.*,javax.transaction,javax.transaction.*,javax.xml.crypto,javax.xml.crypto.*,org.apache.xerces.jaxp.datatype,org.apache.xerces.stax,org.apache.xerces.parsers,org.apache.xerces.jaxp,org.apache.xerces.jaxp.validation,org.apache.xerces.dom,com.yourkit.* # # http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java ---------------------------------------------------------------------- diff --git a/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java b/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java index fac0b88..beb405d 100644 --- a/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java +++ b/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java @@ -70,7 +70,6 @@ public class JMXSecurityTest extends KarafTestSupport { // Add some extra options used by this test... options.addAll(Arrays.asList( - new VMOption("-Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder"), editConfigurationFilePut("etc/jmx.acl.org.apache.karaf.services.cfg", "getServices(boolean)", "viewer"), editConfigurationFilePut("etc/jmx.acl.org.apache.karaf.services.cfg", "getServices(long)", "manager"), editConfigurationFilePut("etc/jmx.acl.org.apache.karaf.services.cfg", "getServices(long,boolean)", "admin"))); http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/boot/NOTICE ---------------------------------------------------------------------- diff --git a/management/boot/NOTICE b/management/boot/NOTICE deleted file mode 100644 index b70f1f9..0000000 --- a/management/boot/NOTICE +++ /dev/null @@ -1,71 +0,0 @@ -Apache Karaf -Copyright 2010-2014 The Apache Software Foundation - - -I. Included Software - -This product includes software developed at -The Apache Software Foundation (http://www.apache.org/). -Licensed under the Apache License 2.0. - -This product uses software developed at -The OSGi Alliance (http://www.osgi.org/). -Copyright (c) OSGi Alliance (2000, 2010). -Licensed under the Apache License 2.0. - -This product includes software developed at -OW2 (http://www.ow2.org/). -Licensed under the BSD License. - -This product includes software developed at -OPS4J (http://www.ops4j.org/). -Licensed under the Apache License 2.0. - -This product includes software developed at -Eclipse Foundation (http://www.eclipse.org/). -Licensed under the EPL. - -This product includes software written by -Antony Lesuisse. -Licensed under Public Domain. - - -II. Used Software - -This product uses software developed at -FUSE Source (http://www.fusesource.org/). -Licensed under the Apache License 2.0. - -This product uses software developed at -AOP Alliance (http://aopalliance.sourceforge.net/). -Licensed under the Public Domain. - -This product uses software developed at -Tanuki Software (http://www.tanukisoftware.com/). -Licensed under the Apache License 2.0. - -This product uses software developed at -Jasypt (http://jasypt.sourceforge.net/). -Licensed under the Apache License 2.0. - -This product uses software developed at -JLine (http://jline.sourceforge.net). -Licensed under the BSD License. - -This product uses software developed at -SLF4J (http://www.slf4j.org/). -Licensed under the MIT License. - -This product uses software developed at -SpringSource (http://www.springsource.org/). -Licensed under the Apache License 2.0. - -This product includes software from http://www.json.org. -Copyright (c) 2002 JSON.org - - -III. License Summary -- Apache License 2.0 -- BSD License -- EPL License -- MIT License http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/boot/pom.xml ---------------------------------------------------------------------- diff --git a/management/boot/pom.xml b/management/boot/pom.xml deleted file mode 100644 index 7bb57a9..0000000 --- a/management/boot/pom.xml +++ /dev/null @@ -1,64 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> - - <!-- - - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - --> - - <modelVersion>4.0.0</modelVersion> - - <parent> - <groupId>org.apache.karaf.management</groupId> - <artifactId>management</artifactId> - <version>2.4.3-SNAPSHOT</version> - <relativePath>../pom.xml</relativePath> - </parent> - - <artifactId>org.apache.karaf.management.boot</artifactId> - <packaging>bundle</packaging> - <name>Apache Karaf :: Management :: Boot</name> - <description>Provides the JMX classes loaded at boot of the process.</description> - - <properties> - <appendedResourcesDirectory>${basedir}/../../etc/appended-resources</appendedResourcesDirectory> - </properties> - - <build> - <resources> - <resource> - <directory>${project.basedir}/src/main/resources</directory> - <includes> - <include>**/*</include> - </includes> - </resource> - <resource> - <directory>${project.basedir}/src/main/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/*.info</include> - </includes> - </resource> - </resources> - <plugins> - <plugin> - <groupId>org.apache.felix</groupId> - <artifactId>maven-bundle-plugin</artifactId> - </plugin> - </plugins> - </build> - -</project> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/boot/src/main/java/org/apache/karaf/management/boot/KarafMBeanServerBuilder.java ---------------------------------------------------------------------- diff --git a/management/boot/src/main/java/org/apache/karaf/management/boot/KarafMBeanServerBuilder.java b/management/boot/src/main/java/org/apache/karaf/management/boot/KarafMBeanServerBuilder.java deleted file mode 100644 index 9c5e014..0000000 --- a/management/boot/src/main/java/org/apache/karaf/management/boot/KarafMBeanServerBuilder.java +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.karaf.management.boot; - -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.lang.reflect.Proxy; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - -import javax.management.MBeanServer; -import javax.management.MBeanServerBuilder; -import javax.management.MBeanServerDelegate; - -public class KarafMBeanServerBuilder extends MBeanServerBuilder { - - private static volatile InvocationHandler guard; - - public static InvocationHandler getGuard() { - return guard; - } - - public static void setGuard(InvocationHandler guardHandler) { - guard = guardHandler; - } - - @Override - public MBeanServer newMBeanServer(String defaultDomain, MBeanServer outer, MBeanServerDelegate delegate) { - InvocationHandler handler = new MBeanInvocationHandler(super.newMBeanServer(defaultDomain, outer, delegate)); - return (MBeanServer) Proxy.newProxyInstance(getClass().getClassLoader(), new Class[]{ MBeanServer.class }, handler); - } - - private static final class MBeanInvocationHandler implements InvocationHandler { - - private final MBeanServer wrapped; - private final List<String> guarded = Collections.unmodifiableList(Arrays.asList("invoke", "getAttribute", "getAttributes", "setAttribute", "setAttributes")); - - MBeanInvocationHandler(MBeanServer mbeanServer) { - wrapped = mbeanServer; - } - - public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { - if (guarded.contains(method.getName())) { - if (KarafMBeanServerBuilder.guard == null) { - throw new IllegalStateException("KarafMBeanServerBuilder not initialized"); - } - guard.invoke(proxy, method, args); - } - if (method.getName().equals("equals") - && method.getParameterTypes().length == 1 - && method.getParameterTypes()[0] == Object.class) { - Object target = args[0]; - if (target != null && Proxy.isProxyClass(target.getClass())) { - InvocationHandler handler = Proxy.getInvocationHandler(target); - if (handler instanceof MBeanInvocationHandler) { - args[0] = ((MBeanInvocationHandler) handler).wrapped; - } - } - } else if (method.getName().equals("finalize") && method.getParameterTypes().length == 0) { - // special case finalize, don't route through to delegate because that will get its own call - return null; - } - try { - return method.invoke(wrapped, args); - } catch (InvocationTargetException ite) { - throw ite.getCause(); - } - } - } -} http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/boot/src/main/resources/OSGI-INF/bundle.info ---------------------------------------------------------------------- diff --git a/management/boot/src/main/resources/OSGI-INF/bundle.info b/management/boot/src/main/resources/OSGI-INF/bundle.info deleted file mode 100644 index 9490579..0000000 --- a/management/boot/src/main/resources/OSGI-INF/bundle.info +++ /dev/null @@ -1,17 +0,0 @@ -\u001B[1mSYNOPSIS\u001B[0m - ${project.name} - - ${project.description} - - Maven URL: - \u001B[33mmvn:${project.groupId}/${project.artifactId}/${project.version}\u001B[0m - -\u001B[1mDESCRIPTION\u001B[0m - This bundle provides JMX classes loaded during Karaf boot process. - - In particular it provides the KarafMBeanServerBuilder. - - The KarafMBeanServerBuilder builds a special MBeanServer that allows role-based authorization - for JMX access. - This class must be loadable from at startup by the JVM so this module is added to classpath, the - the boot delegation class path and made available via the system bundle. http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/boot/src/test/java/org/apache/karaf/management/boot/KarafMBeanServerBuilderTest.java ---------------------------------------------------------------------- diff --git a/management/boot/src/test/java/org/apache/karaf/management/boot/KarafMBeanServerBuilderTest.java b/management/boot/src/test/java/org/apache/karaf/management/boot/KarafMBeanServerBuilderTest.java deleted file mode 100644 index b6274e6..0000000 --- a/management/boot/src/test/java/org/apache/karaf/management/boot/KarafMBeanServerBuilderTest.java +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.karaf.management.boot; - -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.Method; -import java.util.ArrayList; -import java.util.List; - -import javax.management.AttributeList; -import javax.management.InstanceNotFoundException; -import javax.management.MBeanServer; -import javax.management.NotCompliantMBeanException; -import javax.management.ObjectName; - -import junit.framework.TestCase; - -import org.easymock.EasyMock; - - -public class KarafMBeanServerBuilderTest extends TestCase { - - public void testMBeanServerBuilderBlocking() throws Exception { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); - - KarafMBeanServerBuilder mbsb = new KarafMBeanServerBuilder(); - MBeanServer kmbs = mbsb.newMBeanServer("test", mbs, null); - - final List<Object> handlerArgs = new ArrayList<Object>(); - InvocationHandler guard = new InvocationHandler() { - @Override - public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { - handlerArgs.add(proxy); - handlerArgs.add(method); - handlerArgs.add(args); - - throw new SecurityException("Access Denied"); - } - }; - - KarafMBeanServerBuilder.setGuard(guard); - - assertEquals("Precondition", 0, handlerArgs.size()); - - ObjectName on = ObjectName.getInstance("foo.bar:type=TestObject"); - - try { - // obtain a JMX attribute - kmbs.getAttribute(on, "myAttr"); - fail("Should have access denied"); - } catch (SecurityException se) { - // good - assertEquals(3, handlerArgs.size()); - assertSame(kmbs, handlerArgs.get(0)); - assertEquals("getAttribute", ((Method) handlerArgs.get(1)).getName()); - Object[] args = (Object[]) handlerArgs.get(2); - assertEquals(2, args.length); - assertSame(on, args[0]); - assertEquals("myAttr", args[1]); - } - - try { - // obtain a number of JMX attributes - kmbs.getAttributes(on, new String[]{"foo", "bar"}); - fail("Should have access denied"); - } catch (SecurityException se) { - // good - } - - try { - // set a JMX attribute - kmbs.getAttributes(on, new String[]{ "goo", "far" }); - fail("Should have access denied"); - } catch (SecurityException se) { - // good - } - - try { - // set a number of JMX attributes - kmbs.setAttributes(on, new AttributeList()); - fail("Should have access denied"); - } catch (SecurityException se) { - // good - } - - try { - // mimic a JMX method invocation - kmbs.setAttributes(on, new AttributeList()); - fail("Should have access denied"); - } catch (SecurityException se) { - // good - } - - // try some MBeanServer operations that are not guarded - assertTrue(kmbs.getDomains().length > 0); - assertTrue(kmbs.getMBeanCount() > 0); - assertTrue(kmbs.getDefaultDomain().length() > 0); - } - - public void testMBeanServerBuilderNonBlocking() throws Exception { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); - - KarafMBeanServerBuilder mbsb = new KarafMBeanServerBuilder(); - MBeanServer kmbs = mbsb.newMBeanServer("test", mbs, null); - - final List<Object> handlerArgs = new ArrayList<Object>(); - InvocationHandler guard = new InvocationHandler() { - @Override - public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { - handlerArgs.add(proxy); - handlerArgs.add(method); - handlerArgs.add(args); - return null; - } - }; - - KarafMBeanServerBuilder.setGuard(guard); - - assertEquals("Precondition", 0, handlerArgs.size()); - - ObjectName on = ObjectName.getInstance("foo.bar:type=TestObject"); - - try { - kmbs.getAttribute(on, "myAttr"); - } catch (Exception e) { - Throwable th = getInnermostException(e); - assertTrue("Expected exception as the object in question is not registered with the MBeanServer", th instanceof InstanceNotFoundException); - // good - assertEquals(3, handlerArgs.size()); - assertSame(kmbs, handlerArgs.get(0)); - assertEquals("getAttribute", ((Method) handlerArgs.get(1)).getName()); - Object[] args = (Object[]) handlerArgs.get(2); - assertEquals(2, args.length); - assertSame(on, args[0]); - assertEquals("myAttr", args[1]); - } - } - - public void testMBeanServerThrowsException() throws Exception { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); - - KarafMBeanServerBuilder mbsb = new KarafMBeanServerBuilder(); - MBeanServer kmbs = mbsb.newMBeanServer("test", mbs, null); - - try { - kmbs.registerMBean("Foo", ObjectName.getInstance("foo.bar:type=TestObject")); - } catch (NotCompliantMBeanException ncme) { - // good - return; - } - fail("Should have thrown a NotCompliantMBeanException"); - } - - private Throwable getInnermostException(Throwable th) { - if (th.getCause() != null) { - return getInnermostException(th.getCause()); - } else { - return th; - } - } - -} http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/pom.xml ---------------------------------------------------------------------- diff --git a/management/pom.xml b/management/pom.xml index 830c65b..b705531 100644 --- a/management/pom.xml +++ b/management/pom.xml @@ -34,7 +34,6 @@ <name>Apache Karaf :: Management</name> <modules> - <module>boot</module> <module>server</module> <module>mbeans</module> </modules> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/pom.xml ---------------------------------------------------------------------- diff --git a/management/server/pom.xml b/management/server/pom.xml index ea3b853..634042f 100644 --- a/management/server/pom.xml +++ b/management/server/pom.xml @@ -59,11 +59,6 @@ <scope>provided</scope> </dependency> <dependency> - <groupId>org.apache.karaf.management</groupId> - <artifactId>org.apache.karaf.management.boot</artifactId> - <scope>provided</scope> - </dependency> - <dependency> <groupId>org.apache.karaf.service</groupId> <artifactId>org.apache.karaf.service.guard</artifactId> <scope>provided</scope> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java ---------------------------------------------------------------------- diff --git a/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java b/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java index 03a2523..f32d3e6 100644 --- a/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java +++ b/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java @@ -18,10 +18,12 @@ package org.apache.karaf.management; import org.apache.karaf.jaas.config.KeystoreInstance; import org.apache.karaf.jaas.config.KeystoreManager; +import org.apache.karaf.management.internal.MBeanInvocationHandler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.IOException; +import java.lang.reflect.Proxy; import java.net.BindException; import java.net.InetAddress; import java.net.ServerSocket; @@ -50,6 +52,7 @@ public class ConnectorServerFactory { private enum AuthenticatorType { NONE, PASSWORD, CERTIFICATE }; private MBeanServer server; + private KarafMBeanServerGuard guard; private String serviceUrl; private String rmiServerHost; private Map environment; @@ -76,6 +79,14 @@ public class ConnectorServerFactory { this.server = server; } + public KarafMBeanServerGuard getGuard() { + return guard; + } + + public void setGuard(KarafMBeanServerGuard guard) { + this.guard = guard; + } + public String getServiceUrl() { return serviceUrl; } @@ -231,7 +242,10 @@ public class ConnectorServerFactory { this.environment.remove("jmx.remote.authenticator"); } - this.connectorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, this.environment, this.server); + MBeanInvocationHandler handler = new MBeanInvocationHandler(server, guard); + MBeanServer guardedServer = (MBeanServer) Proxy.newProxyInstance(server.getClass().getClassLoader(), new Class[]{ MBeanServer.class }, handler); + this.connectorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, this.environment, guardedServer); + if (this.objectName != null) { this.server.registerMBean(this.connectorServer, this.objectName); } http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java ---------------------------------------------------------------------- diff --git a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java index be323fd..d17d3d5 100644 --- a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java +++ b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java @@ -40,7 +40,6 @@ import javax.management.ObjectName; import javax.security.auth.Subject; import org.apache.karaf.jaas.boot.principal.RolePrincipal; -import org.apache.karaf.management.boot.KarafMBeanServerBuilder; import org.apache.karaf.management.tools.ACLConfigurationParser; import org.osgi.framework.InvalidSyntaxException; import org.osgi.service.cm.Configuration; @@ -49,8 +48,6 @@ import org.osgi.service.cm.ConfigurationAdmin; import org.slf4j.Logger; import org.slf4j.LoggerFactory; - - public class KarafMBeanServerGuard implements InvocationHandler { private static final Logger LOG = LoggerFactory.getLogger(KarafMBeanServerGuard.class); @@ -73,10 +70,6 @@ public class KarafMBeanServerGuard implements InvocationHandler { this.configAdmin = configAdmin; } - public void init() { - KarafMBeanServerBuilder.setGuard(this); - } - public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { if (method.getParameterTypes().length == 0) return null; http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/main/java/org/apache/karaf/management/internal/JMXSecurityMBeanImpl.java ---------------------------------------------------------------------- diff --git a/management/server/src/main/java/org/apache/karaf/management/internal/JMXSecurityMBeanImpl.java b/management/server/src/main/java/org/apache/karaf/management/internal/JMXSecurityMBeanImpl.java index baba38b..d572e70 100644 --- a/management/server/src/main/java/org/apache/karaf/management/internal/JMXSecurityMBeanImpl.java +++ b/management/server/src/main/java/org/apache/karaf/management/internal/JMXSecurityMBeanImpl.java @@ -31,18 +31,17 @@ import javax.management.openmbean.TabularDataSupport; import org.apache.karaf.management.JMXSecurityMBean; import org.apache.karaf.management.KarafMBeanServerGuard; -import org.apache.karaf.management.boot.KarafMBeanServerBuilder; public class JMXSecurityMBeanImpl extends StandardMBean implements JMXSecurityMBean { private MBeanServer mbeanServer; + private KarafMBeanServerGuard guard; public JMXSecurityMBeanImpl() throws NotCompliantMBeanException { super(JMXSecurityMBean.class); } public boolean canInvoke(String objectName) throws Exception { - KarafMBeanServerGuard guard = (KarafMBeanServerGuard) KarafMBeanServerBuilder.getGuard(); if (guard == null) return true; @@ -50,7 +49,6 @@ public class JMXSecurityMBeanImpl extends StandardMBean implements JMXSecurityMB } public boolean canInvoke(String objectName, String methodName) throws Exception { - KarafMBeanServerGuard guard = (KarafMBeanServerGuard) KarafMBeanServerBuilder.getGuard(); if (guard == null) return true; @@ -60,7 +58,6 @@ public class JMXSecurityMBeanImpl extends StandardMBean implements JMXSecurityMB public boolean canInvoke(String objectName, String methodName, String[] argumentTypes) throws Exception { ObjectName on = new ObjectName(objectName); - KarafMBeanServerGuard guard = (KarafMBeanServerGuard) KarafMBeanServerBuilder.getGuard(); if (guard == null) return true; @@ -119,4 +116,12 @@ public class JMXSecurityMBeanImpl extends StandardMBean implements JMXSecurityMB this.mbeanServer = mbeanServer; } + public KarafMBeanServerGuard getGuard() { + return guard; + } + + public void setGuard(KarafMBeanServerGuard guard) { + this.guard = guard; + } + } http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/main/java/org/apache/karaf/management/internal/MBeanInvocationHandler.java ---------------------------------------------------------------------- diff --git a/management/server/src/main/java/org/apache/karaf/management/internal/MBeanInvocationHandler.java b/management/server/src/main/java/org/apache/karaf/management/internal/MBeanInvocationHandler.java new file mode 100644 index 0000000..2b4f659 --- /dev/null +++ b/management/server/src/main/java/org/apache/karaf/management/internal/MBeanInvocationHandler.java @@ -0,0 +1,66 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.karaf.management.internal; + +import javax.management.MBeanServer; +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Proxy; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +public class MBeanInvocationHandler implements InvocationHandler { + + private final MBeanServer wrapped; + + private final InvocationHandler guard; + + private final List<String> guarded = Collections.unmodifiableList(Arrays.asList("invoke", "getAttribute", "setAttribute", "getAttributes", "setAttributes")); + + public MBeanInvocationHandler(MBeanServer mBeanServer, InvocationHandler guard) { + this.wrapped = mBeanServer; + this.guard = guard; + } + + public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { + if (guarded.contains(method.getName())) { + guard.invoke(proxy, method, args); + } + + if (method.getName().equals("equals") && method.getParameterTypes().length == 1 && method.getParameterTypes()[0] == Object.class) { + Object target = args[0]; + if (target != null && Proxy.isProxyClass(target.getClass())) { + InvocationHandler handler = Proxy.getInvocationHandler(target); + if (handler instanceof MBeanInvocationHandler) { + args[0] = ((MBeanInvocationHandler) handler).wrapped; + } + } + } else if (method.getName().equals("finalize") && method.getParameterTypes().length == 0) { + // special case finalize, don't route through to delegate because that will get its own call + return null; + } + + try { + return method.invoke(wrapped, args); + } catch (InvocationTargetException e) { + throw e.getCause(); + } + } + +} http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml ---------------------------------------------------------------------- diff --git a/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml b/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml index e6039a8..2262ba3 100644 --- a/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml +++ b/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml @@ -75,6 +75,7 @@ <bean id="connectorFactory" class="org.apache.karaf.management.ConnectorServerFactory" init-method="init" destroy-method="destroy"> <property name="server" ref="mbeanServer"/> + <property name="guard" ref="karafMBeanServerGuard"/> <property name="serviceUrl" value="${serviceUrl}"/> <property name="rmiServerHost" value="${rmiServerHost}"/> <property name="daemon" value="${daemon}"/> @@ -105,13 +106,14 @@ <reference id="configAdmin" interface="org.osgi.service.cm.ConfigurationAdmin" /> <!-- For role-based security on the JMX API --> - <bean id="karafMBeanServerGuard" class="org.apache.karaf.management.KarafMBeanServerGuard" init-method="init"> + <bean id="karafMBeanServerGuard" class="org.apache.karaf.management.KarafMBeanServerGuard"> <property name="configAdmin" ref="configAdmin" /> </bean> <!-- JMX Security MBean --> <bean id="jmxSecurityMBean" class="org.apache.karaf.management.internal.JMXSecurityMBeanImpl"> <property name="MBeanServer" ref="mbeanServer"/> + <property name="guard" ref="karafMBeanServerGuard"/> </bean> <!-- Reference to the MBean Server --> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/management/server/src/test/java/org/apache/karaf/management/internal/JMXSecurityMBeanImplTestCase.java ---------------------------------------------------------------------- diff --git a/management/server/src/test/java/org/apache/karaf/management/internal/JMXSecurityMBeanImplTestCase.java b/management/server/src/test/java/org/apache/karaf/management/internal/JMXSecurityMBeanImplTestCase.java index 850d5a9..28ce695 100644 --- a/management/server/src/test/java/org/apache/karaf/management/internal/JMXSecurityMBeanImplTestCase.java +++ b/management/server/src/test/java/org/apache/karaf/management/internal/JMXSecurityMBeanImplTestCase.java @@ -17,7 +17,6 @@ package org.apache.karaf.management.internal; import java.io.IOException; -import java.lang.reflect.InvocationHandler; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; @@ -32,7 +31,6 @@ import javax.management.openmbean.TabularData; import junit.framework.TestCase; import org.apache.karaf.management.KarafMBeanServerGuard; -import org.apache.karaf.management.boot.KarafMBeanServerBuilder; import org.easymock.EasyMock; public class JMXSecurityMBeanImplTestCase extends TestCase { @@ -47,47 +45,36 @@ public class JMXSecurityMBeanImplTestCase extends TestCase { } public void testCanInvokeMBean() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); + MBeanServer mbs = EasyMock.createMock(MBeanServer.class); + EasyMock.replay(mbs); - String objectName = "foo.bar.testing:type=SomeMBean"; - KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); - EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName))).andReturn(true); - EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); + String objectName = "foo.bar.testing:type=SomeMBean"; + KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); + EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName))).andReturn(true); + EasyMock.replay(testGuard); - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - mb.setMBeanServer(mbs); - assertTrue(mb.canInvoke(objectName)); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + mb.setMBeanServer(mbs); + mb.setGuard(testGuard); + assertTrue(mb.canInvoke(objectName)); } public void testCanInvokeMBean2() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); + MBeanServer mbs = EasyMock.createMock(MBeanServer.class); + EasyMock.replay(mbs); - String objectName = "foo.bar.testing:type=SomeMBean"; - KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); - EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName))).andReturn(false); - EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); + String objectName = "foo.bar.testing:type=SomeMBean"; + KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); + EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName))).andReturn(false); + EasyMock.replay(testGuard); - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - mb.setMBeanServer(mbs); - assertFalse(mb.canInvoke(objectName)); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + mb.setMBeanServer(mbs); + mb.setGuard(testGuard); + assertFalse(mb.canInvoke(objectName)); } public void testCanInvokeMBeanThrowsException() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); try { MBeanServer mbs = EasyMock.createMock(MBeanServer.class); EasyMock.replay(mbs); @@ -96,58 +83,45 @@ public class JMXSecurityMBeanImplTestCase extends TestCase { KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName))).andThrow(new IOException()); EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); mb.setMBeanServer(mbs); + mb.setGuard(testGuard); mb.canInvoke(objectName); fail("Should have thrown an exception"); } catch (IOException ioe) { // good! - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); } } public void testCanInvokeMBeanNoGuard() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - assertTrue(mb.canInvoke("foo.bar.testing:type=SomeMBean")); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + assertTrue(mb.canInvoke("foo.bar.testing:type=SomeMBean")); } public void testCanInvokeMethod() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); + MBeanServer mbs = EasyMock.createMock(MBeanServer.class); + EasyMock.replay(mbs); - String objectName = "foo.bar.testing:type=SomeMBean"; - KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); - String[] la = new String[]{"long"}; - String[] sa = new String[]{"java.lang.String"}; - String[] sa2 = new String[]{"java.lang.String", "java.lang.String"}; - EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "testMethod", la)).andReturn(true); - EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "testMethod", sa)).andReturn(true); - EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "otherMethod", sa2)).andReturn(false); - EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); + String objectName = "foo.bar.testing:type=SomeMBean"; + KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); + String[] la = new String[]{"long"}; + String[] sa = new String[]{"java.lang.String"}; + String[] sa2 = new String[]{"java.lang.String", "java.lang.String"}; + EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "testMethod", la)).andReturn(true); + EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "testMethod", sa)).andReturn(true); + EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "otherMethod", sa2)).andReturn(false); + EasyMock.replay(testGuard); - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - mb.setMBeanServer(mbs); - assertTrue(mb.canInvoke(objectName, "testMethod", la)); - assertTrue(mb.canInvoke(objectName, "testMethod", sa)); - assertFalse(mb.canInvoke(objectName, "otherMethod", sa2)); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + mb.setMBeanServer(mbs); + mb.setGuard(testGuard); + assertTrue(mb.canInvoke(objectName, "testMethod", la)); + assertTrue(mb.canInvoke(objectName, "testMethod", sa)); + assertFalse(mb.canInvoke(objectName, "otherMethod", sa2)); } public void testCanInvokeMethodException() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); try { MBeanServer mbs = EasyMock.createMock(MBeanServer.class); EasyMock.replay(mbs); @@ -157,81 +131,69 @@ public class JMXSecurityMBeanImplTestCase extends TestCase { String[] ea = new String[]{}; EasyMock.expect(testGuard.canInvoke(mbs, new ObjectName(objectName), "testMethod", ea)).andThrow(new IOException()); EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); mb.setMBeanServer(mbs); + mb.setGuard(testGuard); mb.canInvoke(objectName, "testMethod", ea); fail("Should have thrown an exception"); } catch (IOException ioe) { // good - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); } } public void testCanInvokeMethodNoGuard() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - assertTrue(mb.canInvoke("foo.bar.testing:type=SomeMBean", "someMethod", new String[]{})); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + assertTrue(mb.canInvoke("foo.bar.testing:type=SomeMBean", "someMethod", new String[]{})); } public void testCanInvokeBulk() throws Exception { - InvocationHandler prevGuard = KarafMBeanServerBuilder.getGuard(); - try { - MBeanServer mbs = EasyMock.createMock(MBeanServer.class); - EasyMock.replay(mbs); + MBeanServer mbs = EasyMock.createMock(MBeanServer.class); + EasyMock.replay(mbs); - KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); - String objectName = "foo.bar.testing:type=SomeMBean"; - final String[] la = new String[]{"long"}; - final String[] sa = new String[]{"java.lang.String"}; - EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("testMethod"), EasyMock.aryEq(la))).andReturn(true).anyTimes(); - EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("testMethod"), EasyMock.aryEq(sa))).andReturn(false).anyTimes(); - EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("otherMethod"))).andReturn(true).anyTimes(); - String objectName2 = "foo.bar.testing:type=SomeOtherMBean"; - EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName2)))).andReturn(true).anyTimes(); - String objectName3 = "foo.bar.foo.testing:type=SomeOtherMBean"; - EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName3)))).andReturn(false).anyTimes(); - EasyMock.replay(testGuard); - KarafMBeanServerBuilder.setGuard(testGuard); + KarafMBeanServerGuard testGuard = EasyMock.createMock(KarafMBeanServerGuard.class); + String objectName = "foo.bar.testing:type=SomeMBean"; + final String[] la = new String[]{"long"}; + final String[] sa = new String[]{"java.lang.String"}; + EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("testMethod"), EasyMock.aryEq(la))).andReturn(true).anyTimes(); + EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("testMethod"), EasyMock.aryEq(sa))).andReturn(false).anyTimes(); + EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName)), EasyMock.eq("otherMethod"))).andReturn(true).anyTimes(); + String objectName2 = "foo.bar.testing:type=SomeOtherMBean"; + EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName2)))).andReturn(true).anyTimes(); + String objectName3 = "foo.bar.foo.testing:type=SomeOtherMBean"; + EasyMock.expect(testGuard.canInvoke(EasyMock.eq(mbs), EasyMock.eq(new ObjectName(objectName3)))).andReturn(false).anyTimes(); + EasyMock.replay(testGuard); - JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); - mb.setMBeanServer(mbs); - Map<String, List<String>> query = new HashMap<String, List<String>>(); - query.put(objectName, Arrays.asList("otherMethod", "testMethod(long)", "testMethod(java.lang.String)")); - query.put(objectName2, Collections.<String>emptyList()); - query.put(objectName3, Collections.<String>emptyList()); - TabularData result = mb.canInvoke(query); - assertEquals(5, result.size()); - - CompositeData cd = result.get(new Object[]{objectName, "testMethod(long)"}); - assertEquals(objectName, cd.get("ObjectName")); - assertEquals("testMethod(long)", cd.get("Method")); - assertEquals(true, cd.get("CanInvoke")); - CompositeData cd2 = result.get(new Object[]{objectName, "testMethod(java.lang.String)"}); - assertEquals(objectName, cd2.get("ObjectName")); - assertEquals("testMethod(java.lang.String)", cd2.get("Method")); - assertEquals(false, cd2.get("CanInvoke")); - CompositeData cd3 = result.get(new Object[]{objectName, "otherMethod"}); - assertEquals(objectName, cd3.get("ObjectName")); - assertEquals("otherMethod", cd3.get("Method")); - assertEquals(true, cd3.get("CanInvoke")); - CompositeData cd4 = result.get(new Object[]{objectName2, ""}); - assertEquals(objectName2, cd4.get("ObjectName")); - assertEquals("", cd4.get("Method")); - assertEquals(true, cd4.get("CanInvoke")); - CompositeData cd5 = result.get(new Object[]{objectName3, ""}); - assertEquals(objectName3, cd5.get("ObjectName")); - assertEquals("", cd5.get("Method")); - assertEquals(false, cd5.get("CanInvoke")); - } finally { - KarafMBeanServerBuilder.setGuard(prevGuard); - } + JMXSecurityMBeanImpl mb = new JMXSecurityMBeanImpl(); + mb.setMBeanServer(mbs); + mb.setGuard(testGuard); + Map<String, List<String>> query = new HashMap<String, List<String>>(); + query.put(objectName, Arrays.asList("otherMethod", "testMethod(long)", "testMethod(java.lang.String)")); + query.put(objectName2, Collections.<String>emptyList()); + query.put(objectName3, Collections.<String>emptyList()); + TabularData result = mb.canInvoke(query); + assertEquals(5, result.size()); + + CompositeData cd = result.get(new Object[]{objectName, "testMethod(long)"}); + assertEquals(objectName, cd.get("ObjectName")); + assertEquals("testMethod(long)", cd.get("Method")); + assertEquals(true, cd.get("CanInvoke")); + CompositeData cd2 = result.get(new Object[]{objectName, "testMethod(java.lang.String)"}); + assertEquals(objectName, cd2.get("ObjectName")); + assertEquals("testMethod(java.lang.String)", cd2.get("Method")); + assertEquals(false, cd2.get("CanInvoke")); + CompositeData cd3 = result.get(new Object[]{objectName, "otherMethod"}); + assertEquals(objectName, cd3.get("ObjectName")); + assertEquals("otherMethod", cd3.get("Method")); + assertEquals(true, cd3.get("CanInvoke")); + CompositeData cd4 = result.get(new Object[]{objectName2, ""}); + assertEquals(objectName2, cd4.get("ObjectName")); + assertEquals("", cd4.get("Method")); + assertEquals(true, cd4.get("CanInvoke")); + CompositeData cd5 = result.get(new Object[]{objectName3, ""}); + assertEquals(objectName3, cd5.get("ObjectName")); + assertEquals("", cd5.get("Method")); + assertEquals(false, cd5.get("CanInvoke")); } } http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 9babe1b..33499de 100644 --- a/pom.xml +++ b/pom.xml @@ -321,11 +321,6 @@ </dependency> <dependency> <groupId>org.apache.karaf.management</groupId> - <artifactId>org.apache.karaf.management.boot</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.karaf.management</groupId> <artifactId>org.apache.karaf.management.server</artifactId> <version>${project.version}</version> </dependency> http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/unix/karaf-wrapper.conf ---------------------------------------------------------------------- diff --git a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/unix/karaf-wrapper.conf b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/unix/karaf-wrapper.conf index 3522dad..0b0c88c 100644 --- a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/unix/karaf-wrapper.conf +++ b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/unix/karaf-wrapper.conf @@ -31,8 +31,7 @@ wrapper.java.mainclass=org.apache.karaf.shell.wrapper.Main wrapper.java.classpath.1=%KARAF_BASE%/lib/karaf-wrapper.jar wrapper.java.classpath.2=%KARAF_HOME%/lib/karaf.jar wrapper.java.classpath.3=%KARAF_HOME%/lib/karaf-jaas-boot.jar -wrapper.java.classpath.4=%KARAF_HOME%/lib/karaf-jmx-boot.jar -wrapper.java.classpath.5=%KARAF_BASE%/lib/karaf-wrapper-main.jar +wrapper.java.classpath.4=%KARAF_BASE%/lib/karaf-wrapper-main.jar wrapper.java.library.path.1=%KARAF_BASE%/lib/ # Application Parameters. Add parameters as needed starting from 1 @@ -45,11 +44,10 @@ wrapper.java.additional.2=-Dkaraf.base=%KARAF_BASE% wrapper.java.additional.3=-Dkaraf.data=%KARAF_DATA% wrapper.java.additional.4=-Dkaraf.etc=%KARAF_ETC% wrapper.java.additional.5=-Dcom.sun.management.jmxremote -wrapper.java.additional.6=-Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder -wrapper.java.additional.7=-Dkaraf.startLocalConsole=false -wrapper.java.additional.8=-Dkaraf.startRemoteShell=true -wrapper.java.additional.9=-Djava.endorsed.dirs=%JAVA_HOME%/jre/lib/endorsed:%JAVA_HOME%/lib/endorsed:%KARAF_HOME%/lib/endorsed -wrapper.java.additional.10=-Djava.ext.dirs=%JAVA_HOME%/jre/lib/ext:%JAVA_HOME%/lib/ext:%KARAF_HOME%/lib/ext +wrapper.java.additional.6=-Dkaraf.startLocalConsole=false +wrapper.java.additional.7=-Dkaraf.startRemoteShell=true +wrapper.java.additional.8=-Djava.endorsed.dirs=%JAVA_HOME%/jre/lib/endorsed:%JAVA_HOME%/lib/endorsed:%KARAF_HOME%/lib/endorsed +wrapper.java.additional.9=-Djava.ext.dirs=%JAVA_HOME%/jre/lib/ext:%JAVA_HOME%/lib/ext:%KARAF_HOME%/lib/ext # Uncomment to enable jmx #wrapper.java.additional.n=-Dcom.sun.management.jmxremote.port=1616 http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows/karaf-wrapper.conf ---------------------------------------------------------------------- diff --git a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows/karaf-wrapper.conf b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows/karaf-wrapper.conf index fd83c80..cacb659 100644 --- a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows/karaf-wrapper.conf +++ b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows/karaf-wrapper.conf @@ -31,8 +31,7 @@ wrapper.java.mainclass=org.apache.karaf.shell.wrapper.Main wrapper.java.classpath.1=%KARAF_BASE%/lib/karaf-wrapper.jar wrapper.java.classpath.2=%KARAF_HOME%/lib/karaf.jar wrapper.java.classpath.3=%KARAF_HOME%/lib/karaf-jaas-boot.jar -wrapper.java.classpath.4=%KARAF_HOME%/lib/karaf-jmx-boot.jar -wrapper.java.classpath.5=%KARAF_BASE%/lib/karaf-wrapper-main.jar +wrapper.java.classpath.4=%KARAF_BASE%/lib/karaf-wrapper-main.jar wrapper.java.library.path.1=%KARAF_BASE%/lib/ # Application Parameters. Add parameters as needed starting from 1 @@ -45,11 +44,10 @@ wrapper.java.additional.2=-Dkaraf.base="%KARAF_BASE%" wrapper.java.additional.3=-Dkaraf.data="%KARAF_DATA%" wrapper.java.additional.4=-Dkaraf.etc="%KARAF_ETC%" wrapper.java.additional.5=-Dcom.sun.management.jmxremote -wrapper.java.additional.6=-Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder -wrapper.java.additional.7=-Dkaraf.startLocalConsole=false -wrapper.java.additional.8=-Dkaraf.startRemoteShell=true -wrapper.java.additional.9=-Djava.endorsed.dirs="%JAVA_HOME%/jre/lib/endorsed;%JAVA_HOME%/lib/endorsed;%KARAF_HOME%/lib/endorsed" -wrapper.java.additional.10=-Djava.ext.dirs="%JAVA_HOME%/jre/lib/ext;%JAVA_HOME%/lib/ext;%KARAF_HOME%/lib/ext" +wrapper.java.additional.6=-Dkaraf.startLocalConsole=false +wrapper.java.additional.7=-Dkaraf.startRemoteShell=true +wrapper.java.additional.8=-Djava.endorsed.dirs="%JAVA_HOME%/jre/lib/endorsed;%JAVA_HOME%/lib/endorsed;%KARAF_HOME%/lib/endorsed" +wrapper.java.additional.9=-Djava.ext.dirs="%JAVA_HOME%/jre/lib/ext;%JAVA_HOME%/lib/ext;%KARAF_HOME%/lib/ext" # Uncomment to enable jmx #wrapper.java.additional.n=-Dcom.sun.management.jmxremote.port=1616 http://git-wip-us.apache.org/repos/asf/karaf/blob/5c911ea1/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows64/karaf-wrapper.conf ---------------------------------------------------------------------- diff --git a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows64/karaf-wrapper.conf b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows64/karaf-wrapper.conf index fd83c80..cacb659 100644 --- a/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows64/karaf-wrapper.conf +++ b/shell/wrapper/src/main/resources/org/apache/karaf/shell/wrapper/windows64/karaf-wrapper.conf @@ -31,8 +31,7 @@ wrapper.java.mainclass=org.apache.karaf.shell.wrapper.Main wrapper.java.classpath.1=%KARAF_BASE%/lib/karaf-wrapper.jar wrapper.java.classpath.2=%KARAF_HOME%/lib/karaf.jar wrapper.java.classpath.3=%KARAF_HOME%/lib/karaf-jaas-boot.jar -wrapper.java.classpath.4=%KARAF_HOME%/lib/karaf-jmx-boot.jar -wrapper.java.classpath.5=%KARAF_BASE%/lib/karaf-wrapper-main.jar +wrapper.java.classpath.4=%KARAF_BASE%/lib/karaf-wrapper-main.jar wrapper.java.library.path.1=%KARAF_BASE%/lib/ # Application Parameters. Add parameters as needed starting from 1 @@ -45,11 +44,10 @@ wrapper.java.additional.2=-Dkaraf.base="%KARAF_BASE%" wrapper.java.additional.3=-Dkaraf.data="%KARAF_DATA%" wrapper.java.additional.4=-Dkaraf.etc="%KARAF_ETC%" wrapper.java.additional.5=-Dcom.sun.management.jmxremote -wrapper.java.additional.6=-Djavax.management.builder.initial=org.apache.karaf.management.boot.KarafMBeanServerBuilder -wrapper.java.additional.7=-Dkaraf.startLocalConsole=false -wrapper.java.additional.8=-Dkaraf.startRemoteShell=true -wrapper.java.additional.9=-Djava.endorsed.dirs="%JAVA_HOME%/jre/lib/endorsed;%JAVA_HOME%/lib/endorsed;%KARAF_HOME%/lib/endorsed" -wrapper.java.additional.10=-Djava.ext.dirs="%JAVA_HOME%/jre/lib/ext;%JAVA_HOME%/lib/ext;%KARAF_HOME%/lib/ext" +wrapper.java.additional.6=-Dkaraf.startLocalConsole=false +wrapper.java.additional.7=-Dkaraf.startRemoteShell=true +wrapper.java.additional.8=-Djava.endorsed.dirs="%JAVA_HOME%/jre/lib/endorsed;%JAVA_HOME%/lib/endorsed;%KARAF_HOME%/lib/endorsed" +wrapper.java.additional.9=-Djava.ext.dirs="%JAVA_HOME%/jre/lib/ext;%JAVA_HOME%/lib/ext;%KARAF_HOME%/lib/ext" # Uncomment to enable jmx #wrapper.java.additional.n=-Dcom.sun.management.jmxremote.port=1616
