55985
|
1 |
/*
|
|
2 |
* To change this license header, choose License Headers in Project Properties.
|
|
3 |
* To change this template file, choose Tools | Templates
|
|
4 |
* and open the template in the editor.
|
|
5 |
*/
|
|
6 |
package javax.management.remote.rest;
|
|
7 |
|
|
8 |
import com.sun.net.httpserver.HttpServer;
|
|
9 |
import com.sun.net.httpserver.HttpsConfigurator;
|
|
10 |
import com.sun.net.httpserver.HttpsServer;
|
|
11 |
|
|
12 |
import javax.management.MBeanServer;
|
|
13 |
import javax.net.ssl.KeyManagerFactory;
|
|
14 |
import javax.net.ssl.SSLContext;
|
|
15 |
import javax.net.ssl.TrustManagerFactory;
|
|
16 |
import java.io.BufferedInputStream;
|
|
17 |
import java.io.FileInputStream;
|
|
18 |
import java.io.IOException;
|
|
19 |
import java.lang.management.ManagementFactory;
|
|
20 |
import java.net.InetSocketAddress;
|
|
21 |
import java.security.KeyStore;
|
|
22 |
import java.util.*;
|
|
23 |
|
|
24 |
/**
|
|
25 |
* @author harsha
|
|
26 |
*/
|
|
27 |
public class PlatformRestAdapter {
|
|
28 |
|
|
29 |
private static final Set<String> contextList = new HashSet<>();
|
|
30 |
/*
|
|
31 |
* Initializes HTTPServer with settings from config file
|
|
32 |
* acts as container for platform rest adapter
|
|
33 |
*/
|
|
34 |
private static HttpServer httpServer = null;
|
|
35 |
private static JmxRestAdapter instance = null;
|
|
36 |
|
|
37 |
private PlatformRestAdapter() {
|
|
38 |
}
|
|
39 |
|
|
40 |
public static synchronized void init(String portStr, Properties props) throws IOException {
|
|
41 |
if (instance == null) {
|
|
42 |
final int port;
|
|
43 |
try {
|
|
44 |
port = Integer.parseInt(portStr);
|
|
45 |
} catch (NumberFormatException x) {
|
|
46 |
throw new IllegalArgumentException("Invalid string for port");
|
|
47 |
}
|
|
48 |
if (port < 0) {
|
|
49 |
throw new IllegalArgumentException("Invalid string for port");
|
|
50 |
}
|
|
51 |
|
|
52 |
boolean useSSL = Boolean.parseBoolean((String) props.get("com.sun.management.jmxremote.ssl"));
|
|
53 |
if (useSSL) {
|
|
54 |
final String sslConfigFileName
|
|
55 |
= props.getProperty(PropertyNames.SSL_CONFIG_FILE_NAME);
|
|
56 |
SSLContext ctx = getSSlContext(sslConfigFileName);
|
|
57 |
if (ctx != null) {
|
|
58 |
HttpsServer server = HttpsServer.create(new InetSocketAddress(port), 0);
|
|
59 |
server.setHttpsConfigurator(new HttpsConfigurator(ctx));
|
|
60 |
httpServer = server;
|
|
61 |
} else {
|
|
62 |
httpServer = HttpServer.create(new InetSocketAddress(port), 0);
|
|
63 |
}
|
|
64 |
} else {
|
|
65 |
httpServer = HttpServer.create(new InetSocketAddress(port), 0);
|
|
66 |
}
|
|
67 |
|
|
68 |
// Initialize rest adapter
|
|
69 |
Map<String, Object> env = new HashMap<>();
|
|
70 |
// Do we use authentication?
|
|
71 |
final String useAuthenticationStr
|
|
72 |
= props.getProperty(PropertyNames.USE_AUTHENTICATION,
|
|
73 |
DefaultValues.USE_AUTHENTICATION);
|
|
74 |
final boolean useAuthentication
|
|
75 |
= Boolean.valueOf(useAuthenticationStr);
|
|
76 |
|
|
77 |
String loginConfigName;
|
|
78 |
String passwordFileName;
|
|
79 |
|
|
80 |
if (useAuthentication) {
|
|
81 |
env.put("jmx.remote.x.authentication", Boolean.TRUE);
|
|
82 |
// Get non-default login configuration
|
|
83 |
loginConfigName
|
|
84 |
= props.getProperty(PropertyNames.LOGIN_CONFIG_NAME);
|
|
85 |
env.put("jmx.remote.x.login.config", loginConfigName);
|
|
86 |
|
|
87 |
if (loginConfigName == null) {
|
|
88 |
// Get password file
|
|
89 |
passwordFileName
|
|
90 |
= props.getProperty(PropertyNames.PASSWORD_FILE_NAME);
|
|
91 |
env.put("jmx.remote.x.password.file", passwordFileName);
|
|
92 |
}
|
|
93 |
}
|
|
94 |
|
|
95 |
instance = new JmxRestAdapterImpl(httpServer, "default", env, ManagementFactory.getPlatformMBeanServer());
|
|
96 |
httpServer.start();
|
|
97 |
}
|
|
98 |
}
|
|
99 |
|
|
100 |
public static void stop() {
|
|
101 |
if (instance != null) {
|
|
102 |
instance.stop();
|
|
103 |
instance = null;
|
|
104 |
}
|
|
105 |
if (httpServer != null) {
|
|
106 |
httpServer.stop(0);
|
|
107 |
httpServer = null;
|
|
108 |
}
|
|
109 |
}
|
|
110 |
|
|
111 |
private static SSLContext getSSlContext(String sslConfigFileName) {
|
|
112 |
final String keyStore, keyStorePassword, trustStore, trustStorePassword;
|
|
113 |
|
|
114 |
try {
|
|
115 |
if (sslConfigFileName == null || sslConfigFileName.isEmpty()) {
|
|
116 |
keyStore = System.getProperty(PropertyNames.SSL_KEYSTORE_FILE);
|
|
117 |
keyStorePassword = System.getProperty(PropertyNames.SSL_KEYSTORE_PASSWORD);
|
|
118 |
trustStore = System.getProperty(PropertyNames.SSL_TRUSTSTORE_FILE);
|
|
119 |
trustStorePassword = System.getProperty(PropertyNames.SSL_TRUSTSTORE_PASSWORD);
|
|
120 |
} else {
|
|
121 |
Properties p = new Properties();
|
|
122 |
BufferedInputStream bin = new BufferedInputStream(new FileInputStream(sslConfigFileName));
|
|
123 |
p.load(bin);
|
|
124 |
keyStore = p.getProperty(PropertyNames.SSL_KEYSTORE_FILE);
|
|
125 |
keyStorePassword = p.getProperty(PropertyNames.SSL_KEYSTORE_PASSWORD);
|
|
126 |
trustStore = p.getProperty(PropertyNames.SSL_TRUSTSTORE_FILE);
|
|
127 |
trustStorePassword = p.getProperty(PropertyNames.SSL_TRUSTSTORE_PASSWORD);
|
|
128 |
}
|
|
129 |
|
|
130 |
char[] keyStorePasswd = null;
|
|
131 |
if (keyStorePassword.length() != 0) {
|
|
132 |
keyStorePasswd = keyStorePassword.toCharArray();
|
|
133 |
}
|
|
134 |
|
|
135 |
char[] trustStorePasswd = null;
|
|
136 |
if (trustStorePassword.length() != 0) {
|
|
137 |
trustStorePasswd = trustStorePassword.toCharArray();
|
|
138 |
}
|
|
139 |
|
|
140 |
KeyStore ks = null;
|
|
141 |
if (keyStore != null) {
|
|
142 |
ks = KeyStore.getInstance(KeyStore.getDefaultType());
|
|
143 |
FileInputStream ksfis = new FileInputStream(keyStore);
|
|
144 |
ks.load(ksfis, keyStorePasswd);
|
|
145 |
|
|
146 |
}
|
|
147 |
KeyManagerFactory kmf = KeyManagerFactory.getInstance(
|
|
148 |
KeyManagerFactory.getDefaultAlgorithm());
|
|
149 |
kmf.init(ks, keyStorePasswd);
|
|
150 |
|
|
151 |
KeyStore ts = null;
|
|
152 |
if (trustStore != null) {
|
|
153 |
ts = KeyStore.getInstance(KeyStore.getDefaultType());
|
|
154 |
FileInputStream tsfis = new FileInputStream(trustStore);
|
|
155 |
ts.load(tsfis, trustStorePasswd);
|
|
156 |
}
|
|
157 |
TrustManagerFactory tmf = TrustManagerFactory.getInstance(
|
|
158 |
TrustManagerFactory.getDefaultAlgorithm());
|
|
159 |
tmf.init(ts);
|
|
160 |
|
|
161 |
SSLContext ctx = SSLContext.getInstance("SSL");
|
|
162 |
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
|
|
163 |
return ctx;
|
|
164 |
} catch (Exception ex) {
|
|
165 |
}
|
|
166 |
return null;
|
|
167 |
}
|
|
168 |
|
|
169 |
public static JmxRestAdapter getInstance() {
|
|
170 |
if (instance == null) {
|
|
171 |
throw new IllegalStateException("PlatformRestAdapter not initialized");
|
|
172 |
}
|
|
173 |
return instance;
|
|
174 |
}
|
|
175 |
|
|
176 |
public static synchronized JmxRestAdapter newRestAdapter(String context, Map<String, ?> env, MBeanServer mbeanServer) {
|
|
177 |
if (!contextList.contains(context)) {
|
|
178 |
contextList.add(context);
|
|
179 |
return new JmxRestAdapterImpl(httpServer, context, env, mbeanServer);
|
|
180 |
}
|
|
181 |
throw new IllegalArgumentException(context + " is already taken");
|
|
182 |
}
|
|
183 |
|
|
184 |
/**
|
|
185 |
* Default values for JMX configuration properties.
|
|
186 |
*/
|
|
187 |
public static interface DefaultValues {
|
|
188 |
|
|
189 |
public static final String PORT = "0";
|
|
190 |
public static final String CONFIG_FILE_NAME = "management.properties";
|
|
191 |
public static final String USE_SSL = "true";
|
|
192 |
public static final String USE_LOCAL_ONLY = "true";
|
|
193 |
public static final String USE_REGISTRY_SSL = "false";
|
|
194 |
public static final String USE_AUTHENTICATION = "true";
|
|
195 |
public static final String PASSWORD_FILE_NAME = "jmxremote.password";
|
|
196 |
public static final String ACCESS_FILE_NAME = "jmxremote.access";
|
|
197 |
public static final String SSL_NEED_CLIENT_AUTH = "false";
|
|
198 |
}
|
|
199 |
|
|
200 |
/**
|
|
201 |
* Names of JMX configuration properties.
|
|
202 |
*/
|
|
203 |
public static interface PropertyNames {
|
|
204 |
|
|
205 |
public static final String PORT
|
|
206 |
= "com.sun.management.jmxremote.rest.port";
|
|
207 |
public static final String HOST
|
|
208 |
= "com.sun.management.jmxremote.host";
|
|
209 |
public static final String USE_SSL
|
|
210 |
= "com.sun.management.jmxremote.ssl";
|
|
211 |
public static final String USE_AUTHENTICATION
|
|
212 |
= "com.sun.management.jmxremote.authenticate";
|
|
213 |
public static final String PASSWORD_FILE_NAME
|
|
214 |
= "com.sun.management.jmxremote.password.file";
|
|
215 |
public static final String LOGIN_CONFIG_NAME
|
|
216 |
= "com.sun.management.jmxremote.login.config";
|
|
217 |
public static final String SSL_NEED_CLIENT_AUTH
|
|
218 |
= "com.sun.management.jmxremote.ssl.need.client.auth";
|
|
219 |
public static final String SSL_CONFIG_FILE_NAME
|
|
220 |
= "com.sun.management.jmxremote.ssl.config.file";
|
|
221 |
public static final String SSL_KEYSTORE_FILE
|
|
222 |
= "javax.net.ssl.keyStore";
|
|
223 |
public static final String SSL_TRUSTSTORE_FILE
|
|
224 |
= "javax.net.ssl.trustStore";
|
|
225 |
public static final String SSL_KEYSTORE_PASSWORD
|
|
226 |
= "javax.net.ssl.keyStorePassword";
|
|
227 |
public static final String SSL_TRUSTSTORE_PASSWORD
|
|
228 |
= "javax.net.ssl.trustStorePassword";
|
|
229 |
}
|
|
230 |
}
|