src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
changeset 48144 364207a23251
parent 47425 96179f26139e
48143:4c8451a12e79 48144:364207a23251
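--- a/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
+++ b/src/jdk.management.agent/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this
@@ -68,14 +68,12 @@
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
 import javax.rmi.ssl.SslRMIClientSocketFactory;
 import javax.rmi.ssl.SslRMIServerSocketFactory;
 import javax.security.auth.Subject;
-
 import com.sun.jmx.remote.internal.rmi.RMIExporter;
 import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-
 import jdk.internal.agent.Agent;
 import jdk.internal.agent.AgentConfigurationError;
 import static jdk.internal.agent.AgentConfigurationError.*;
 import jdk.internal.agent.ConnectorAddressLink;
 import jdk.internal.agent.FileSystem;
@@ -100,10 +98,11 @@
         public static final String USE_SSL = "true";
         public static final String USE_LOCAL_ONLY = "true";
         public static final String USE_REGISTRY_SSL = "false";
         public static final String USE_AUTHENTICATION = "true";
         public static final String PASSWORD_FILE_NAME = "jmxremote.password";
+        public static final String HASH_PASSWORDS = "true";
         public static final String ACCESS_FILE_NAME = "jmxremote.access";
         public static final String SSL_NEED_CLIENT_AUTH = "false";
     }
 
     /**
@@ -127,10 +126,12 @@
                 "com.sun.management.jmxremote.registry.ssl";
         public static final String USE_AUTHENTICATION =
                 "com.sun.management.jmxremote.authenticate";
         public static final String PASSWORD_FILE_NAME =
                 "com.sun.management.jmxremote.password.file";
+        public static final String HASH_PASSWORDS
+                = "com.sun.management.jmxremote.password.toHashes";
         public static final String ACCESS_FILE_NAME =
                 "com.sun.management.jmxremote.access.file";
         public static final String LOGIN_CONFIG_NAME =
                 "com.sun.management.jmxremote.login.config";
         public static final String SSL_ENABLED_CIPHER_SUITES =
@@ -410,10 +411,11 @@
         final String sslConfigFileName =
                 props.getProperty(PropertyNames.SSL_CONFIG_FILE_NAME);
 
         String loginConfigName = null;
         String passwordFileName = null;
+        boolean shouldHashPasswords = true;
         String accessFileName = null;
 
         // Initialize settings when authentication is active
         if (useAuthentication) {
 
@@ -424,10 +426,15 @@
             if (loginConfigName == null) {
                 // Get password file
                 passwordFileName =
                         props.getProperty(PropertyNames.PASSWORD_FILE_NAME,
                         getDefaultFileName(DefaultValues.PASSWORD_FILE_NAME));
+                String hashPasswords
+                        = props.getProperty(PropertyNames.HASH_PASSWORDS,
+                                DefaultValues.HASH_PASSWORDS);
+                shouldHashPasswords = Boolean.parseBoolean(hashPasswords);
+
                 checkPasswordFile(passwordFileName);
             }
 
             // Get access file
             accessFileName = props.getProperty(PropertyNames.ACCESS_FILE_NAME,
@@ -472,11 +479,11 @@
             final JMXConnectorServerData data = exportMBeanServer(
                     mbs, port, rmiPort, useSsl, useRegistrySsl,
                     sslConfigFileName, enabledCipherSuitesList,
                     enabledProtocolsList, sslNeedClientAuth,
                     useAuthentication, loginConfigName,
-                    passwordFileName, accessFileName, bindAddress, jmxRmiFilter);
+                    passwordFileName, shouldHashPasswords, accessFileName, bindAddress, jmxRmiFilter);
             cs = data.jmxConnectorServer;
             url = data.jmxRemoteURL;
             config("startRemoteConnectorServer",
                    Agent.getText("jmxremote.ConnectorBootstrap.ready",
                    url.toString()));
@@ -565,10 +572,14 @@
             throw new AgentConfigurationError(PASSWORD_FILE_NOT_FOUND, passwordFileName);
         }
 
         if (!file.canRead()) {
             throw new AgentConfigurationError(PASSWORD_FILE_NOT_READABLE, passwordFileName);
+        }
+
+        if(!file.canWrite() && PropertyNames.HASH_PASSWORDS.equalsIgnoreCase("true")) {
+            logger.log(Level.WARNING, "");
         }
 
         FileSystem fs = FileSystem.open();
         try {
             if (fs.supportsFileSecurity(file)) {
@@ -727,10 +738,11 @@
             String[] enabledProtocols,
             boolean sslNeedClientAuth,
             boolean useAuthentication,
             String loginConfigName,
             String passwordFileName,
+            boolean shouldHashPasswords,
             String accessFileName,
             String bindAddress,
             String jmxRmiFilter)
             throws IOException, MalformedURLException {
 
@@ -758,10 +770,13 @@
             if (loginConfigName != null) {
                 env.put("jmx.remote.x.login.config", loginConfigName);
             }
             if (passwordFileName != null) {
                 env.put("jmx.remote.x.password.file", passwordFileName);
+            }
+            if (shouldHashPasswords) {
+                env.put("jmx.remote.x.password.toHashes", "true");
             }
 
             env.put("jmx.remote.x.access.file", accessFileName);
 
             if (env.get("jmx.remote.x.password.file") != null ||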
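Review bot: The new guard in `checkPasswordFile`, `PropertyNames.HASH_PASSWORDS.equalsIgnoreCase("true")`, compares the property-name constant (`"com.sun.management.jmxremote.password.toHashes"`) with `"true"`, so it is always false and the warning for a non-writable password file can never fire; the `logger.log(Level.WARNING, "")` it guards also carries an empty message. The method receives only `passwordFileName`, so the resolved setting has to be handed in, for example by calling `checkPasswordFile(passwordFileName, shouldHashPasswords);` and testing `if (shouldHashPasswords && !file.canWrite()) {` with a message that names the file. With hashing enabled by default and a read-only file, the clear-text entries presumably stay on disk and nothing tells the operator, so this warning is the only signal they would get. `checkPasswordFile` begins and ends outside the visible lines, so the signature change itself is not shown here.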