Path: blob/master/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java
41159 views
/*1* Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 626183126* @summary Tests the use of the subject delegation feature in the27* RMI connector28* @author Luis-Miguel Alventosa29* @modules java.management.rmi30* java.management/com.sun.jmx.remote.security31* @run clean SubjectDelegation1Test SimpleStandard SimpleStandardMBean32* @run build SubjectDelegation1Test SimpleStandard SimpleStandardMBean33* @run main SubjectDelegation1Test policy11 ok34* @run main SubjectDelegation1Test policy12 ko35* @run main SubjectDelegation1Test policy13 ko36* @run main SubjectDelegation1Test policy14 ko37* @run main SubjectDelegation1Test policy15 ok38* @run main SubjectDelegation1Test policy16 ko39*/4041import com.sun.jmx.remote.security.JMXPluggableAuthenticator;42import java.io.File;43import java.lang.management.ManagementFactory;44import java.rmi.RemoteException;45import java.rmi.registry.LocateRegistry;46import java.rmi.registry.Registry;47import java.util.Collections;48import java.util.HashMap;49import java.util.Properties;50import javax.management.Attribute;51import javax.management.MBeanServer;52import javax.management.MBeanServerConnection;53import javax.management.Notification;54import javax.management.NotificationListener;55import javax.management.ObjectName;56import javax.management.remote.JMXConnector;57import javax.management.remote.JMXConnectorFactory;58import javax.management.remote.JMXConnectorServer;59import javax.management.remote.JMXConnectorServerFactory;60import javax.management.remote.JMXPrincipal;61import javax.management.remote.JMXServiceURL;62import javax.security.auth.Subject;6364public class SubjectDelegation1Test {6566public static void main(String[] args) throws Exception {67String policyFile = args[0];68String testResult = args[1];69System.out.println("Policy file = " + policyFile);70System.out.println("Expected test result = " + testResult);71JMXConnectorServer jmxcs = null;72JMXConnector jmxc = null;73try {74// Create an RMI registry75//76System.out.println("Start RMI registry...");77Registry reg = null;78int port = 5800;79while (port++ < 6000) {80try {81reg = LocateRegistry.createRegistry(port);82System.out.println("RMI registry running on port " + port);83break;84} catch (RemoteException e) {85// Failed to create RMI registry...86System.out.println("Failed to create RMI registry " +87"on port " + port);88}89}90if (reg == null) {91System.exit(1);92}93// Set the default password file94//95final String passwordFile = System.getProperty("test.src") +96File.separator + "jmxremote.password";97System.out.println("Password file = " + passwordFile);98// Set policy file99//100final String policy = System.getProperty("test.src") +101File.separator + policyFile;102System.out.println("PolicyFile = " + policy);103System.setProperty("java.security.policy", policy);104// Instantiate the MBean server105//106System.out.println("Create the MBean server");107MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();108// Register the SimpleStandardMBean109//110System.out.println("Create SimpleStandard MBean");111SimpleStandard s = new SimpleStandard("delegate");112mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));113// Create Properties containing the username/password entries114//115Properties props = new Properties();116props.setProperty("jmx.remote.x.password.file", passwordFile);117// Initialize environment map to be passed to the connector server118//119System.out.println("Initialize environment map");120HashMap env = new HashMap();121env.put("jmx.remote.authenticator",122new JMXPluggableAuthenticator(props));123// Create an RMI connector server124//125System.out.println("Create an RMI connector server");126JMXServiceURL url =127new JMXServiceURL("rmi", null, 0,128"/jndi/rmi://:" + port + "/server" + port);129jmxcs =130JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);131jmxcs.start();132// Create an RMI connector client133//134System.out.println("Create an RMI connector client");135HashMap cli_env = new HashMap();136// These credentials must match those in the default password file137//138String[] credentials = new String[] { "monitorRole" , "QED" };139cli_env.put("jmx.remote.credentials", credentials);140jmxc = JMXConnectorFactory.connect(url, cli_env);141Subject delegationSubject =142new Subject(true,143Collections.singleton(new JMXPrincipal("delegate")),144Collections.EMPTY_SET,145Collections.EMPTY_SET);146MBeanServerConnection mbsc =147jmxc.getMBeanServerConnection(delegationSubject);148// Get domains from MBeanServer149//150System.out.println("Domains:");151String domains[] = mbsc.getDomains();152for (int i = 0; i < domains.length; i++) {153System.out.println("\tDomain[" + i + "] = " + domains[i]);154}155// Get MBean count156//157System.out.println("MBean count = " + mbsc.getMBeanCount());158// Get State attribute159//160String oldState =161(String) mbsc.getAttribute(162new ObjectName("MBeans:type=SimpleStandard"),163"State");164System.out.println("Old State = \"" + oldState + "\"");165// Set State attribute166//167System.out.println("Set State to \"changed state\"");168mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),169new Attribute("State", "changed state"));170// Get State attribute171//172String newState =173(String) mbsc.getAttribute(174new ObjectName("MBeans:type=SimpleStandard"),175"State");176System.out.println("New State = \"" + newState + "\"");177if (!newState.equals("changed state")) {178System.out.println("Invalid State = \"" + newState + "\"");179System.exit(1);180}181// Add notification listener on SimpleStandard MBean182//183System.out.println("Add notification listener...");184mbsc.addNotificationListener(185new ObjectName("MBeans:type=SimpleStandard"),186new NotificationListener() {187public void handleNotification(Notification notification,188Object handback) {189System.out.println("Received notification: " +190notification);191}192},193null,194null);195// Unregister SimpleStandard MBean196//197System.out.println("Unregister SimpleStandard MBean...");198mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));199} catch (SecurityException e) {200if (testResult.equals("ko")) {201System.out.println("Got expected security exception = " + e);202} else {203System.out.println("Got unexpected security exception = " + e);204e.printStackTrace();205throw e;206}207} catch (Exception e) {208System.out.println("Unexpected exception caught = " + e);209e.printStackTrace();210throw e;211} finally {212// Close connector client213//214if (jmxc != null)215jmxc.close();216// Stop connector server217//218if (jmxcs != null)219jmxcs.stop();220// Say goodbye221//222System.out.println("Bye! Bye!");223}224}225}226227228