JMXManagedObjectRegistry.java

ritchiem Wed, 03 Dec 2008 04:27:04 -0800

Author: ritchiem
Date: Wed Dec  3 04:26:40 2008
New Revision: 722865

URL: http://svn.apache.org/viewvc?rev=722865&view=rev
Log:
QPID-1482 : Patch provided by Robert Gemmell, To allow PLAIN authentication via 
JMX Console.


Modified:
    
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java

Modified: 
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java
URL: 
http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java?rev=722865&r1=722864&r2=722865&view=diff
==============================================================================
--- 
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java
 (original)
+++ 
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java
 Wed Dec  3 04:26:40 2008
@@ -28,6 +28,7 @@
 import 
org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase;
 import org.apache.qpid.server.security.auth.database.PrincipalDatabase;
 import 
org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HashedInitialiser;
+import org.apache.qpid.server.security.auth.sasl.plain.PlainInitialiser;
 
 import javax.management.JMException;
 import javax.management.MBeanServer;
@@ -36,13 +37,6 @@
 import javax.management.remote.JMXConnectorServerFactory;
 import javax.management.remote.JMXServiceURL;
 import javax.management.remote.MBeanServerForwarder;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.AccountNotFoundException;
-import javax.security.sasl.AuthorizeCallback;
 import java.io.IOException;
 import java.lang.management.ManagementFactory;
 import java.rmi.RemoteException;
@@ -128,10 +122,15 @@
             }
             else if (db instanceof PlainPasswordFilePrincipalDatabase)
             {
+                PlainInitialiser initialiser = new PlainInitialiser();
+                initialiser.initialise(db);
+                env.put("jmx.remote.sasl.callback.handler", 
initialiser.getCallbackHandler());
                 env.put("jmx.remote.profiles", "SASL/PLAIN");
-                env.put("jmx.remote.sasl.callback.handler", new 
UserCallbackHandler(db));
             }
 
+            //workaround NPE generated from env map classloader issue when 
using Eclipse 3.4 to launch
+            env.put("jmx.remote.profile.provider.class.loader", 
this.getClass().getClassLoader());
+
             // Enable the SSL security and server authentication
             /*
            SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
@@ -222,62 +221,4 @@
         }
     }
 
-    /** This class is used for SASL enabled JMXConnector for performing user 
authentication. */
-    private class UserCallbackHandler implements CallbackHandler
-    {
-        private final PrincipalDatabase _principalDatabase;
-
-        protected UserCallbackHandler(PrincipalDatabase database)
-        {
-            _principalDatabase = database;
-        }
-
-        public void handle(Callback[] callbacks) throws IOException, 
UnsupportedCallbackException
-        {
-            // Retrieve callbacks
-            NameCallback ncb = null;
-            PasswordCallback pcb = null;
-            for (int i = 0; i < callbacks.length; i++)
-            {
-                if (callbacks[i] instanceof NameCallback)
-                {
-                    ncb = (NameCallback) callbacks[i];
-                }
-                else if (callbacks[i] instanceof PasswordCallback)
-                {
-                    pcb = (PasswordCallback) callbacks[i];
-                }
-                else if (callbacks[i] instanceof AuthorizeCallback)
-                {
-                    ((AuthorizeCallback) callbacks[i]).setAuthorized(true);
-                }
-                else
-                {
-                    throw new UnsupportedCallbackException(callbacks[i]);
-                }
-            }
-
-            boolean authorized = false;
-            // Process retrieval of password; can get password if username is 
available in NameCallback
-            if ((ncb != null) && (pcb != null))
-            {
-                String username = ncb.getDefaultName();
-                try
-                {
-                    authorized = _principalDatabase.verifyPassword(username, 
pcb.getPassword());
-                }
-                catch (AccountNotFoundException e)
-                {
-                    IOException ioe = new IOException("User not authorized.  " 
+ e);
-                    ioe.initCause(e);
-                    throw ioe;
-                }
-            }
-
-            if (!authorized)
-            {
-                throw new IOException("User not authorized.");
-            }
-        }
-    }
 }

svn commit: r722865 - /incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java

Reply via email to