Author: gnodet
Date: Tue Sep 5 01:02:49 2006
New Revision: 440289
URL: http://svn.apache.org/viewvc?view=rev&rev=440289
Log:
Improve jmx releated factory beans and put them in their own package
Add a boolean flag on container to specify if a jmx connector should be created
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/ConnectorServerFactoryBean.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/JaasAuthenticator.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/MBeanServerFactoryBean.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticator.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticatorFactoryBean.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/RmiRegistryFactoryBean.java
Removed:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ConnectorServerFactoryBean.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/PasswordAuthenticator.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/PasswordAuthenticatorFactoryBean.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/RmiRegistryFactoryBean.java
Modified:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/container/JBIContainer.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/MBeanServerContext.java
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ManagementContext.java
Modified:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/container/JBIContainer.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/container/JBIContainer.java?view=diff&rev=440289&r1=440288&r2=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/container/JBIContainer.java
(original)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/container/JBIContainer.java
Tue Sep 5 01:02:49 2006
@@ -331,6 +331,20 @@
}
/**
+ * @return Returns the useMBeanServer.
+ */
+ public boolean isCreateJmxConnector() {
+ return managementContext.isCreateJmxConnector();
+ }
+
+ /**
+ * @param useMBeanServer The useMBeanServer to set.
+ */
+ public void setCreateJmxConnector(boolean createJmxConnector) {
+ managementContext.setCreateJmxConnector(createJmxConnector);
+ }
+
+ /**
* @return Returns the monitorInstallationDirectory.
*/
public boolean isMonitorInstallationDirectory() {
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/ConnectorServerFactoryBean.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/ConnectorServerFactoryBean.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/ConnectorServerFactoryBean.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/ConnectorServerFactoryBean.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,184 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+import java.util.Map;
+
+import javax.management.MBeanServer;
+import javax.management.MalformedObjectNameException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.beans.factory.FactoryBean;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.core.Constants;
+import org.springframework.jmx.support.MBeanRegistrationSupport;
+
+/**
+ * <code>FactoryBean</code> that creates a JSR-160
<code>JMXConnectorServer</code>,
+ * optionally registers it with the <code>MBeanServer</code> and then starts
it.
+ *
+ * <p>The <code>JMXConnectorServer</code> can be started in a separate thread
by setting the
+ * <code>threaded</code> property to <code>true</code>. You can configure this
thread to be a
+ * daemon thread by setting the <code>daemon</code> property to
<code>true</code>.
+ *
+ * This xbean-enabled factory is a wrapper on top of the existing Spring
+ * factory bean. It also logs the serviceUrl when starting.
+ *
+ * @author gnodet
+ * @org.apache.xbean.XBean element="jmxConnector"
+ */
+public class ConnectorServerFactoryBean implements FactoryBean,
InitializingBean, DisposableBean {
+
+ private Log log = LogFactory.getLog(ConnectorServerFactoryBean.class);
+ private org.springframework.jmx.support.ConnectorServerFactoryBean csfb =
new org.springframework.jmx.support.ConnectorServerFactoryBean();
+ private String serviceUrl =
org.springframework.jmx.support.ConnectorServerFactoryBean.DEFAULT_SERVICE_URL;
+ private boolean daemon = false;
+ private boolean threaded = false;
+ private Map environment;
+ private String objectName;
+ private int registrationBehavior;
+ private MBeanServer server;
+ private static final Constants constants = new
Constants(MBeanRegistrationSupport.class);
+
+
+ /**
+ * Set whether any threads started for the <code>JMXConnectorServer</code>
should be
+ * started as daemon threads.
+ * @param daemon
+ * @see
org.springframework.jmx.support.ConnectorServerFactoryBean#setDaemon(boolean)
+ */
+ public void setDaemon(boolean daemon) {
+ this.daemon = daemon;
+ }
+
+ /**
+ * Set the environment properties used to construct the
<code>JMXConnector</code>
+ * as a <code>Map</code> of String keys and arbitrary Object values.
+ * @param environment
+ * @see
org.springframework.jmx.support.ConnectorServerFactoryBean#setEnvironmentMap(java.util.Map)
+ */
+ public void setEnvironment(Map environment) {
+ this.environment = environment;
+ }
+
+ /**
+ * Set the <code>ObjectName</code> used to register the
<code>JMXConnectorServer</code>
+ * itself with the <code>MBeanServer</code>.
+ * @param objectName
+ * @throws MalformedObjectNameException if the <code>ObjectName</code> is
malformed
+ * @see
org.springframework.jmx.support.ConnectorServerFactoryBean#setObjectName(java.lang.String)
+ */
+ public void setObjectName(String objectName) throws
MalformedObjectNameException {
+ this.objectName = objectName;
+ }
+
+ /**
+ * Specify what action should be taken when attempting to register an
MBean
+ * under an [EMAIL PROTECTED] javax.management.ObjectName} that already
exists.
+ * <p>Default is REGISTRATION_FAIL_ON_EXISTING.
+ * @see #setRegistrationBehaviorName(String)
+ * @see #REGISTRATION_FAIL_ON_EXISTING
+ * @see #REGISTRATION_IGNORE_EXISTING
+ * @see #REGISTRATION_REPLACE_EXISTING
+ * @param registrationBehavior
+ * @see
org.springframework.jmx.support.MBeanRegistrationSupport#setRegistrationBehavior(int)
+ */
+ public void setRegistrationBehavior(int registrationBehavior) {
+ this.registrationBehavior = registrationBehavior;
+ }
+
+ /**
+ * Set the registration behavior by the name of the corresponding constant,
+ * e.g. "REGISTRATION_IGNORE_EXISTING".
+ * @see #setRegistrationBehavior
+ * @see #REGISTRATION_FAIL_ON_EXISTING
+ * @see #REGISTRATION_IGNORE_EXISTING
+ * @see #REGISTRATION_REPLACE_EXISTING
+ * @param registrationBehavior
+ * @see
org.springframework.jmx.support.MBeanRegistrationSupport#setRegistrationBehaviorName(java.lang.String)
+ */
+ public void setRegistrationBehaviorName(String registrationBehavior) {
+
setRegistrationBehavior(constants.asNumber(registrationBehavior).intValue());
+ }
+
+ /**
+ * Specify the <code>MBeanServer</code> instance with which all beans
should
+ * be registered. The <code>MBeanExporter</code> will attempt to locate an
+ * existing <code>MBeanServer</code> if none is supplied.
+ * @param server
+ * @see
org.springframework.jmx.support.MBeanRegistrationSupport#setServer(javax.management.MBeanServer)
+ */
+ public void setServer(MBeanServer server) {
+ this.server = server;
+ }
+
+ /**
+ * Set the service URL for the <code>JMXConnectorServer</code>.
+ * @param serviceUrl
+ * @see
org.springframework.jmx.support.ConnectorServerFactoryBean#setServiceUrl(java.lang.String)
+ */
+ public void setServiceUrl(String serviceUrl) {
+ this.serviceUrl = serviceUrl;
+ }
+
+ /**
+ * Set whether the <code>JMXConnectorServer</code> should be started in a
separate thread.
+ * @param threaded
+ * @see
org.springframework.jmx.support.ConnectorServerFactoryBean#setThreaded(boolean)
+ */
+ public void setThreaded(boolean threaded) {
+ csfb.setThreaded(threaded);
+ }
+
+ public Object getObject() throws Exception {
+ return csfb.getObject();
+ }
+
+ public Class getObjectType() {
+ return csfb.getObjectType();
+ }
+
+ public boolean isSingleton() {
+ return csfb.isSingleton();
+ }
+
+ public void afterPropertiesSet() throws Exception {
+ csfb = new
org.springframework.jmx.support.ConnectorServerFactoryBean();
+ csfb.setDaemon(daemon);
+ csfb.setThreaded(threaded);
+ csfb.setRegistrationBehavior(registrationBehavior);
+ csfb.setEnvironmentMap(environment);
+ csfb.setObjectName(objectName);
+ csfb.setServiceUrl(serviceUrl);
+ csfb.setServer(server);
+ csfb.afterPropertiesSet();
+ log.info("JMX connector available at: " + serviceUrl);
+ }
+
+ public void destroy() throws Exception {
+ if (csfb != null) {
+ try {
+ csfb.destroy();
+ } finally {
+ csfb = null;
+ }
+ }
+ }
+
+}
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/JaasAuthenticator.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/JaasAuthenticator.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/JaasAuthenticator.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/JaasAuthenticator.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,90 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+import javax.management.remote.JMXAuthenticator;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+
+import org.apache.servicemix.jbi.security.auth.AuthenticationService;
+import org.apache.servicemix.jbi.security.auth.impl.JAASAuthenticationService;
+
+/**
+ *
+ * @author gnodet
+ * @org.apache.xbean.XBean element="jmxJaasAuthenticator"
+ */
+public class JaasAuthenticator implements JMXAuthenticator {
+
+ private String domain = "servicemix-domain";
+ private AuthenticationService authenticationService = new
JAASAuthenticationService();
+
+ /**
+ * The authentication service can be used to customize the authentication
+ * mechanism used by this authenticator. It defaults to a
+ * JAASAuthenticationService which delegates calls to the JAAS layer.
+ *
+ * @return the authenticationService
+ */
+ public AuthenticationService getAuthenticationService() {
+ return authenticationService;
+ }
+
+ /**
+ * @param authenticationService the authenticationService to set
+ */
+ public void setAuthenticationService(AuthenticationService
authenticationService) {
+ this.authenticationService = authenticationService;
+ }
+
+ /**
+ * @return the JAAS domain to use for authentication
+ */
+ public String getDomain() {
+ return domain;
+ }
+
+ /**
+ * @param domain the JAAS domain to use for authentication
+ */
+ public void setDomain(String domain) {
+ this.domain = domain;
+ }
+
+ /* (non-Javadoc)
+ * @see
javax.management.remote.JMXAuthenticator#authenticate(java.lang.Object)
+ */
+ public Subject authenticate(Object credentials) throws SecurityException {
+ if (credentials instanceof String[] == false) {
+ throw new IllegalArgumentException("Expected String[2], got " +
(credentials != null ? credentials.getClass().getName() : null));
+ }
+ String[] params = (String[]) credentials;
+ if (params.length != 2) {
+ throw new IllegalArgumentException("Expected String[2] but length
was " + params.length);
+ }
+ Subject subject = new Subject();
+ try {
+ authenticationService.authenticate(subject, domain, params[0],
params[1]);
+ } catch (LoginException e) {
+ throw new SecurityException("Authentication failed", e);
+ } catch (Exception e) {
+ throw new SecurityException("Error occured while authenticating",
e);
+ }
+ return subject;
+ }
+
+}
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/MBeanServerFactoryBean.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/MBeanServerFactoryBean.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/MBeanServerFactoryBean.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/MBeanServerFactoryBean.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,26 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+/**
+ *
+ * @author gnodet
+ * @org.apache.xbean.XBean element="jmxServer"
+ */
+public class MBeanServerFactoryBean extends
org.springframework.jmx.support.MBeanServerFactoryBean {
+
+}
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticator.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticator.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticator.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticator.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,275 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+/*
+ * Copyright (C) The MX4J Contributors.
+ * All rights reserved.
+ *
+ * This software is distributed under the terms of the MX4J License version
1.0.
+ * See the terms of the MX4J License in the documentation provided with this
software.
+ */
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import javax.management.remote.JMXAuthenticator;
+import javax.management.remote.JMXPrincipal;
+import javax.security.auth.Subject;
+
+import mx4j.util.Base64Codec;
+
+/**
+ * Implementation of the JMXAuthenticator interface to be used on server side
+ * to secure access to [EMAIL PROTECTED]
javax.management.remote.JMXConnectorServer JMXConnectorServer}s. <br/>
+ * Usage:
+ * <pre>
+ * JMXAuthenticator authenticator = new PasswordAuthenticator(new
File("users.properties"));
+ * Map environment = new HashMap();
+ * environment.put(JMXConnectorServer.AUTHENTICATOR, authenticator);
+ * JMXServiceURL address = new JMXServiceURL("rmi", "localhost", 0);
+ * MBeanServer server = ...;
+ * JMXConnectorServer cntorServer =
JMXConnectorServerFactory.newJMXConnectorServer(address, environment, server);
+ * </pre>
+ * The format of the users.properties file is that of a standard properties
file: <br/>
+ * <user>=<password><br/>
+ * where <password> can be stored in 2 ways:
+ * <ul>
+ * <li>Clear text: the password is written in clear text</li>
+ * <li>Obfuscated text: the password is obfuscated</li>
+ * </ul>
+ * The obfuscated form can be obtained running this class as a main class:
+ * <pre>
+ * java -cp mx4j-remote.jar mx4j.tools.remote.PasswordAuthenticator
+ * </pre>
+ * and following the instructions printed on the console. The output will be a
string that should be
+ * copy/pasted as the password into the properties file.<br/>
+ * The obfuscated password is obtained by digesting the clear text password
using a
+ * [EMAIL PROTECTED] java.security.MessageDigest} algorithm, and then by
Base64-encoding the resulting bytes.<br/>
+ * <br/>
+ * On client side, you are allowed to connect to a server side secured with
the PasswordAuthenticator
+ * only if you provide the correct credentials:
+ * <pre>
+ * String[] credentials = new String[2];
+ * // The user will travel as clear text
+ * credentials[0] = "user";
+ * // You may send the password in clear text, but it's better to obfuscate it
+ * credentials[1] = PasswordAuthenticator.obfuscatePassword("password");
+ * Map environment = new HashMap();
+ * environment.put(JMXConnector.CREDENTIALS, credentials);
+ * JMXServiceURL address = ...;
+ * JMXConnector cntor = JMXConnectorFactory.connect(address, environment);
+ * </pre>
+ * Note that [EMAIL PROTECTED]
#obfuscatePassword(java.lang.String,java.lang.String) obfuscating} the
passwords only works if the server side has been
+ * setup with the PasswordAuthenticator.
+ * However, the PasswordAuthenticator can be used with other JSR 160
implementations, such as Sun's reference
+ * implementation.
+ *
+ * @version $Revision: 1.3 $
+ */
+public class PasswordAuthenticator implements JMXAuthenticator
+{
+ private static final String LEFT_DELIMITER = "OBF(";
+ private static final String RIGHT_DELIMITER = "):";
+
+ /**
+ * Runs this class as main class to obfuscate passwords.
+ * When no arguments are provided, it prints out the usage.
+ *
+ * @see #obfuscatePassword(java.lang.String,java.lang.String)
+ */
+ public static void main(String[] args) throws Exception
+ {
+ if (args.length == 1)
+ {
+ if (!"-help".equals(args[0]))
+ {
+ printPassword("MD5", args[0]);
+ return;
+ }
+ }
+ else if (args.length == 3)
+ {
+ if ("-alg".equals(args[0]))
+ {
+ printPassword(args[1], args[2]);
+ return;
+ }
+ }
+ printUsage();
+ }
+
+ private static void printPassword(String algorithm, String input)
+ {
+ String password = obfuscatePassword(input, algorithm);
+ System.out.println(password);
+ }
+
+ private static void printUsage()
+ {
+ System.out.println();
+ System.out.println("Usage: java -cp <lib>/mx4j-tools.jar
mx4j.tools.remote.PasswordAuthenticator <options> <password>");
+ System.out.println("Where <options> is one of the following:");
+ System.out.println(" -help Prints this message");
+ System.out.println(" -alg <digest algorithm> Specifies the digest
algorithm (default is MD5)");
+ System.out.println();
+ }
+
+ /**
+ * Obfuscates the given password using MD5 as digest algorithm
+ *
+ * @see #obfuscatePassword(java.lang.String,java.lang.String)
+ */
+ public static String obfuscatePassword(String password)
+ {
+ return obfuscatePassword(password, "MD5");
+ }
+
+ /**
+ * Obfuscates the given password using the given digest algorithm.<br/>
+ * Obfuscation consists of 2 steps: first the clear text password is [EMAIL
PROTECTED] java.security.MessageDigest#digest digested}
+ * using the specified algorithm, then the resulting bytes are
Base64-encoded.<br/>
+ * For example, the obfuscated version of the password "password" is
"OBF(MD5):X03MO1qnZdYdgyfeuILPmQ=="
+ * or "OBF(SHA-1):W6ph5Mm5Pz8GgiULbPgzG37mj9g=". <br/>
+ * OBF stands for "obfuscated", in parenthesis the algorithm used to digest
the password.
+ */
+ public static String obfuscatePassword(String password, String algorithm)
+ {
+ try
+ {
+ MessageDigest digest = MessageDigest.getInstance(algorithm);
+ byte[] digestedBytes = digest.digest(password.getBytes());
+ byte[] obfuscatedBytes = Base64Codec.encodeBase64(digestedBytes);
+ return LEFT_DELIMITER + algorithm + RIGHT_DELIMITER + new
String(obfuscatedBytes);
+ }
+ catch (NoSuchAlgorithmException x)
+ {
+ throw new SecurityException("Could not find digest algorithm " +
algorithm);
+ }
+ }
+
+ private Map passwords;
+
+ /**
+ * Creates a new PasswordAuthenticator that reads user/password pairs from
the specified properties file.
+ * The file format is described in the javadoc of this class.
+ *
+ * @see #obfuscatePassword
+ */
+ public PasswordAuthenticator(File passwordFile) throws IOException
+ {
+ this(new FileInputStream(passwordFile));
+ }
+
+ /**
+ * Creates a new PasswordAuthenticator that reads user/password pairs from
the specified InputStream.
+ * The file format is described in the javadoc of this class.
+ *
+ * @see #obfuscatePassword
+ */
+ public PasswordAuthenticator(InputStream is) throws IOException
+ {
+ passwords = readPasswords(is);
+ }
+
+ private Map readPasswords(InputStream is) throws IOException
+ {
+ Properties properties = new Properties();
+ try
+ {
+ properties.load(is);
+ }
+ finally
+ {
+ is.close();
+ }
+ return new HashMap(properties);
+ }
+
+ public Subject authenticate(Object credentials) throws SecurityException
+ {
+ if (!(credentials instanceof String[])) throw new SecurityException("Bad
credentials");
+ String[] creds = (String[])credentials;
+ if (creds.length != 2) throw new SecurityException("Bad credentials");
+
+ String user = creds[0];
+ String password = creds[1];
+
+ if (password == null) throw new SecurityException("Bad password");
+
+ if (!passwords.containsKey(user)) throw new SecurityException("Unknown
user " + user);
+
+ String storedPassword = (String)passwords.get(user);
+ if (!isPasswordCorrect(password, storedPassword)) throw new
SecurityException("Bad password");
+
+ Set principals = new HashSet();
+ principals.add(new JMXPrincipal(user));
+ return new Subject(true, principals, Collections.EMPTY_SET,
Collections.EMPTY_SET);
+ }
+
+ private boolean isPasswordCorrect(String password, String storedPassword)
+ {
+ if (password.startsWith(LEFT_DELIMITER))
+ {
+ if (storedPassword.startsWith(LEFT_DELIMITER))
+ {
+ return password.equals(storedPassword);
+ }
+ else
+ {
+ String algorithm = getAlgorithm(password);
+ String obfuscated = obfuscatePassword(storedPassword, algorithm);
+ return password.equals(obfuscated);
+ }
+ }
+ else
+ {
+ if (storedPassword.startsWith(LEFT_DELIMITER))
+ {
+ // Password was sent in clear, bad practice
+ String algorithm = getAlgorithm(storedPassword);
+ String obfuscated = obfuscatePassword(password, algorithm);
+ return obfuscated.equals(storedPassword);
+ }
+ else
+ {
+ return password.equals(storedPassword);
+ }
+ }
+ }
+
+ private String getAlgorithm(String obfuscatedPassword)
+ {
+ try
+ {
+ return obfuscatedPassword.substring(LEFT_DELIMITER.length(),
obfuscatedPassword.indexOf(RIGHT_DELIMITER));
+ }
+ catch (IndexOutOfBoundsException x)
+ {
+ throw new SecurityException("Bad password");
+ }
+ }
+}
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticatorFactoryBean.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticatorFactoryBean.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticatorFactoryBean.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/PasswordAuthenticatorFactoryBean.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+import org.springframework.beans.factory.FactoryBean;
+import org.springframework.core.io.Resource;
+
+/**
+ *
+ * @author gnodet
+ * @org.apache.xbean.XBean element="jmxPasswordAuthenticator"
+ */
+public class PasswordAuthenticatorFactoryBean implements FactoryBean {
+
+ private Resource passwords;
+ private PasswordAuthenticator authenticator;
+
+ /**
+ * @return the passwords
+ */
+ public Resource getPasswords() {
+ return passwords;
+ }
+
+ /**
+ * @param passwords the passwords to set
+ */
+ public void setPasswords(Resource passwords) {
+ this.passwords = passwords;
+ }
+
+ public Object getObject() throws Exception {
+ if (authenticator == null) {
+ authenticator = new
PasswordAuthenticator(passwords.getInputStream());
+ }
+ return authenticator;
+ }
+
+ public Class getObjectType() {
+ return PasswordAuthenticator.class;
+ }
+
+ public boolean isSingleton() {
+ return true;
+ }
+
+}
Added:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/RmiRegistryFactoryBean.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/RmiRegistryFactoryBean.java?view=auto&rev=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/RmiRegistryFactoryBean.java
(added)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/jmx/RmiRegistryFactoryBean.java
Tue Sep 5 01:02:49 2006
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.jbi.jmx;
+
+import java.rmi.RemoteException;
+import java.rmi.registry.LocateRegistry;
+import java.rmi.registry.Registry;
+import java.rmi.server.UnicastRemoteObject;
+
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.beans.factory.FactoryBean;
+import org.springframework.beans.factory.InitializingBean;
+
+/**
+ *
+ * @author gnodet
+ * @org.apache.xbean.XBean element="rmiRegistry"
+ */
+public class RmiRegistryFactoryBean implements FactoryBean, InitializingBean,
DisposableBean{
+
+ private int port = Registry.REGISTRY_PORT;
+ private Registry registry;
+ private boolean locate = false;
+ private boolean create = true;
+ private boolean locallyCreated = false;
+
+ /**
+ * @return the create
+ */
+ public boolean isCreate() {
+ return create;
+ }
+
+ /**
+ * @param create the create to set
+ */
+ public void setCreate(boolean create) {
+ this.create = create;
+ }
+
+ /**
+ * @return the locate
+ */
+ public boolean isLocate() {
+ return locate;
+ }
+
+ /**
+ * @param locate the locate to set
+ */
+ public void setLocate(boolean locate) {
+ this.locate = locate;
+ }
+
+ /**
+ * @return the port
+ */
+ public int getPort() {
+ return port;
+ }
+
+ /**
+ * @param port the port to set
+ */
+ public void setPort(int port) {
+ this.port = port;
+ }
+
+ public Object getObject() throws Exception {
+ return registry;
+ }
+
+ public Class getObjectType() {
+ return Registry.class;
+ }
+
+ public boolean isSingleton() {
+ return true;
+ }
+
+ public void afterPropertiesSet() throws RemoteException {
+ if (registry == null && locate) {
+ try {
+ Registry reg = LocateRegistry.getRegistry(getPort());
+ reg.list();
+ registry = reg;
+ } catch (RemoteException e) {
+ // ignore
+ }
+ }
+ if (registry == null && create) {
+ registry = LocateRegistry.createRegistry(getPort());
+ locallyCreated = true;
+ }
+ }
+
+ public void destroy() throws RemoteException {
+ if (registry != null && locallyCreated) {
+ Registry reg = registry;
+ registry = null;
+ UnicastRemoteObject.unexportObject(reg, true);
+ }
+ }
+
+}
Modified:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/MBeanServerContext.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/MBeanServerContext.java?view=diff&rev=440289&r1=440288&r2=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/MBeanServerContext.java
(original)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/MBeanServerContext.java
Tue Sep 5 01:02:49 2006
@@ -29,6 +29,8 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.jbi.jmx.ConnectorServerFactoryBean;
+import org.apache.servicemix.jbi.jmx.RmiRegistryFactoryBean;
import edu.emory.mathcs.backport.java.util.concurrent.atomic.AtomicBoolean;
Modified:
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ManagementContext.java
URL:
http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ManagementContext.java?view=diff&rev=440289&r1=440288&r2=440289
==============================================================================
---
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ManagementContext.java
(original)
+++
incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/management/ManagementContext.java
Tue Sep 5 01:02:49 2006
@@ -126,6 +126,14 @@
public int getNamingPort() {
return mbeanServerContext.getConnectorPort();
}
+
+ public boolean isCreateJmxConnector() {
+ return mbeanServerContext.isCreateConnector();
+ }
+
+ public void setCreateJmxConnector(boolean createJmxConnector) {
+ mbeanServerContext.setCreateConnector(createJmxConnector);
+ }
/**
* Initialize the ManagementContext
