jdk/test/javax/management/remote/mandatory/passwordAccessFile/NonJMXPrincipalsTest.java
author ykantser
Thu, 07 May 2015 09:11:49 +0200
changeset 30376 2ccf2cf7ea48
parent 5506 202f599c92aa
child 43503 bc7f8619ab70
permissions -rw-r--r--
8078896: Add @modules as needed to the jdk_svc tests Reviewed-by: alanb, mchung

/*
 * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/*
 * @test
 * @bug 5025141
 * @summary Tests that MBeanServerFileAccessController supports
 *          principals other than JMXPrincipal.
 * @author Luis-Miguel Alventosa
 * @modules java.management
 * @run clean NonJMXPrincipalsTest SimpleStandard SimpleStandardMBean
 * @run build NonJMXPrincipalsTest SimpleStandard SimpleStandardMBean
 * @run main NonJMXPrincipalsTest
 */

import java.io.File;
import java.io.Serializable;
import java.security.Principal;
import java.util.HashMap;
import javax.management.Attribute;
import javax.management.MBeanServer;
import javax.management.MBeanServerConnection;
import javax.management.MBeanServerFactory;
import javax.management.MBeanServerInvocationHandler;
import javax.management.Notification;
import javax.management.NotificationListener;
import javax.management.ObjectName;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXPrincipal;
import javax.management.remote.JMXServiceURL;
import javax.security.auth.Subject;

public class NonJMXPrincipalsTest {

    private static class OtherPrincipal implements Principal, Serializable {

        private String name;

        public OtherPrincipal(String name) {
            if (name == null)
                throw new NullPointerException("illegal null input");
            this.name = name;
        }

        public String getName() {
            return name;
        }

        public String toString() {
            return("OtherPrincipal:  " + name);
        }

        public boolean equals(Object o) {
            if (o == null)
                return false;
            if (this == o)
                return true;
            if (!(o instanceof OtherPrincipal))
                return false;
            OtherPrincipal that = (OtherPrincipal)o;
            return (this.getName().equals(that.getName()));
        }

        public int hashCode() {
            return name.hashCode();
        }
    }

    private static class OtherPrincipalAuthenticator
        implements JMXAuthenticator {
        public Subject authenticate(Object credentials) {
            final String[] aCredentials = (String[]) credentials;
            final String username = (String) aCredentials[0];
            final Subject subject = new Subject();
            subject.getPrincipals().add(new JMXPrincipal("dummy"));
            subject.getPrincipals().add(new OtherPrincipal(username));
            return subject;
        }
    }

    private static class NoPrincipalAuthenticator
        implements JMXAuthenticator {
        public Subject authenticate(Object credentials) {
            return new Subject();
        }
    }

    public static void runTest(JMXAuthenticator authenticator)
        throws Exception {
        //------------------------------------------------------------------
        // SERVER
        //------------------------------------------------------------------

        // Instantiate the MBean server
        //
        System.out.println("Create the MBean server");
        MBeanServer mbs = MBeanServerFactory.createMBeanServer();

        // Create SimpleStandard MBean
        //
        ObjectName mbeanName = new ObjectName("MBeans:type=SimpleStandard");
        System.out.println("Create SimpleStandard MBean...");
        mbs.createMBean("SimpleStandard", mbeanName, null, null);

        // Server's environment map
        //
        System.out.println(">>> Initialize the server's environment map");
        HashMap sEnv = new HashMap();

        // Provide a JMX Authenticator
        //
        sEnv.put("jmx.remote.authenticator", authenticator);

        // Provide the access level file used by the connector server to
        // perform user authorization. The access level file is a properties
        // based text file specifying username/access level pairs where
        // access level is either "readonly" or "readwrite" access to the
        // MBeanServer operations. This properties based access control
        // checker has been implemented using the MBeanServerForwarder
        // interface which wraps the real MBean server inside an access
        // controller MBean server which performs the access control checks
        // before forwarding the requests to the real MBean server.
        //
        // This property is implementation-dependent and might not be
        // supported by all implementations of the JMX Remote API.
        //
        sEnv.put("jmx.remote.x.access.file",
                 System.getProperty("test.src") +
                 File.separator +
                 "access.properties");

        // Create an RMI connector server
        //
        System.out.println("Create an RMI connector server");
        JMXServiceURL url = new JMXServiceURL("service:jmx:rmi://");
        JMXConnectorServer cs =
            JMXConnectorServerFactory.newJMXConnectorServer(url, sEnv, mbs);

        // Start the RMI connector server
        //
        System.out.println("Start the RMI connector server");
        cs.start();
        System.out.println("RMI connector server successfully started");
        System.out.println("Waiting for incoming connections...");

        //------------------------------------------------------------------
        // CLIENT (admin)
        //------------------------------------------------------------------

        // Admin client environment map
        //
        String[] adminCreds = new String[] { "admin" , "adminPassword" };
        System.out.println(">>> Initialize the client environment map for" +
                           " user [" + adminCreds[0] + "] with " +
                           "password [" + adminCreds[1] + "]");
        HashMap adminEnv = new HashMap();
        adminEnv.put("jmx.remote.credentials", adminCreds);

        // Create an RMI connector client and
        // connect it to the RMI connector server
        //
        System.out.println("Create an RMI connector client and " +
                           "connect it to the RMI connector server");
        JMXConnector adminConnector =
            JMXConnectorFactory.connect(cs.getAddress(), adminEnv);

        // Get an MBeanServerConnection
        //
        System.out.println("Get an MBeanServerConnection");
        MBeanServerConnection adminConnection =
            adminConnector.getMBeanServerConnection();

        // Get the proxy for the Simple MBean
        //
        SimpleStandardMBean adminProxy = (SimpleStandardMBean)
            MBeanServerInvocationHandler.newProxyInstance(
                                                 adminConnection,
                                                 mbeanName,
                                                 SimpleStandardMBean.class,
                                                 false);

        // Get State attribute
        //
        System.out.println("State = " + adminProxy.getState());

        // Set State attribute
        //
        adminProxy.setState("changed state");

        // Get State attribute
        //
        System.out.println("State = " + adminProxy.getState());

        // Invoke "reset" in SimpleStandard MBean
        //
        System.out.println("Invoke reset() in SimpleStandard MBean...");
        adminProxy.reset();

        // Close MBeanServer connection
        //
        System.out.println("Close the admin connection to the server");
        adminConnector.close();

        //------------------------------------------------------------------
        // CLIENT (user)
        //------------------------------------------------------------------

        // User client environment map
        //
        String[] userCreds = new String[] { "user" , "userPassword" };
        System.out.println(">>> Initialize the client environment map for" +
                           " user [" + userCreds[0] + "] with " +
                           "password [" + userCreds[1] + "]");
        HashMap userEnv = new HashMap();
        userEnv.put("jmx.remote.credentials", userCreds);

        // Create an RMI connector client and
        // connect it to the RMI connector server
        //
        System.out.println("Create an RMI connector client and " +
                           "connect it to the RMI connector server");
        JMXConnector userConnector =
            JMXConnectorFactory.connect(cs.getAddress(), userEnv);

        // Get an MBeanServerConnection
        //
        System.out.println("Get an MBeanServerConnection");
        MBeanServerConnection userConnection =
            userConnector.getMBeanServerConnection();

        // Get the proxy for the Simple MBean
        //
        SimpleStandardMBean userProxy = (SimpleStandardMBean)
            MBeanServerInvocationHandler.newProxyInstance(
                                                 userConnection,
                                                 mbeanName,
                                                 SimpleStandardMBean.class,
                                                 false);

        // Get State attribute
        //
        System.out.println("State = " + userProxy.getState());

        // Set State attribute
        //
        try {
            userProxy.setState("changed state");
        } catch (SecurityException e) {
            System.out.println("Got expected security exception: " + e);
        } catch (Exception e) {
            System.out.println("Got unexpected exception: " + e);
            e.printStackTrace(System.out);
        }

        // Get State attribute
        //
        System.out.println("State = " + userProxy.getState());

        // Invoke "reset" in SimpleStandard MBean
        //
        try {
            System.out.println("Invoke reset() in SimpleStandard MBean...");
            userProxy.reset();
        } catch (SecurityException e) {
            System.out.println("Got expected security exception: " + e);
        } catch (Exception e) {
            System.out.println("Got unexpected exception: " + e);
            e.printStackTrace(System.out);
        }

        // Close MBeanServer connection
        //
        System.out.println("Close the user connection to the server");
        userConnector.close();

        //------------------------------------------------------------------
        // SERVER
        //------------------------------------------------------------------

        // Stop the connector server
        //
        System.out.println(">>> Stop the connector server");
        cs.stop();
    }

    public static void main(String[] args) {
        int errorCount = 0;
        // Runt tests
        //
        System.out.println("\n>>> Run NoPrincipalAuthenticator test...");
        try {
            NonJMXPrincipalsTest.runTest(new NoPrincipalAuthenticator());
            System.out.println("Did not get expected SecurityException");
            errorCount++;
        } catch (Exception e) {
            if (e instanceof SecurityException) {
                System.out.println("Got expected exception: " + e);
            } else {
                System.out.println("Got unexpected exception: " + e);
                errorCount++;
            }
            e.printStackTrace(System.out);
        }
        System.out.println("\n>>> Run OtherPrincipalAuthenticator test...");
        try {
            NonJMXPrincipalsTest.runTest(new OtherPrincipalAuthenticator());
        } catch (Exception e) {
            errorCount++;
            System.out.println("Got unexpected exception: " + e);
            e.printStackTrace(System.out);
        }

        if (errorCount > 0) {
            System.out.println("\nTEST FAILED! Error count = " + errorCount);
            System.exit(1);
        }

        System.out.println("\nTEST PASSED!");
        System.out.println("\nBye! Bye!");
    }
}