Path: blob/master/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation2Test.java
41159 views
/*1* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 626183126* @summary Tests the use of the subject delegation feature on the authenticated27* principals within the RMI connector server's creator codebase.28* @author Luis-Miguel Alventosa29* @modules java.management.rmi30* java.management/com.sun.jmx.remote.security31* @run clean SubjectDelegation2Test SimpleStandard SimpleStandardMBean32* @run build SubjectDelegation2Test SimpleStandard SimpleStandardMBean33* @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy21 ok34* @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy22 ko35* @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy23 ko36* @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy24 ok37* @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy25 ko38*/3940import com.sun.jmx.remote.security.JMXPluggableAuthenticator;41import java.io.File;42import java.lang.management.ManagementFactory;43import java.rmi.RemoteException;44import java.rmi.registry.LocateRegistry;45import java.rmi.registry.Registry;46import java.util.HashMap;47import java.util.Properties;48import javax.management.Attribute;49import javax.management.MBeanServer;50import javax.management.MBeanServerConnection;51import javax.management.Notification;52import javax.management.NotificationListener;53import javax.management.ObjectName;54import javax.management.remote.JMXConnector;55import javax.management.remote.JMXConnectorFactory;56import javax.management.remote.JMXConnectorServer;57import javax.management.remote.JMXConnectorServerFactory;58import javax.management.remote.JMXServiceURL;5960public class SubjectDelegation2Test {6162public static void main(String[] args) throws Exception {63String policyFile = args[0];64String testResult = args[1];65System.out.println("Policy file = " + policyFile);66System.out.println("Expected test result = " + testResult);67JMXConnectorServer jmxcs = null;68JMXConnector jmxc = null;69try {70// Create an RMI registry71//72System.out.println("Start RMI registry...");73Registry reg = null;74int port = 5800;75while (port++ < 6000) {76try {77reg = LocateRegistry.createRegistry(port);78System.out.println("RMI registry running on port " + port);79break;80} catch (RemoteException e) {81// Failed to create RMI registry...82System.out.println("Failed to create RMI registry " +83"on port " + port);84}85}86if (reg == null) {87System.exit(1);88}89// Set the default password file90//91final String passwordFile = System.getProperty("test.src") +92File.separator + "jmxremote.password";93System.out.println("Password file = " + passwordFile);94// Set policy file95//96final String policy = System.getProperty("test.src") +97File.separator + policyFile;98System.out.println("PolicyFile = " + policy);99System.setProperty("java.security.policy", policy);100// Instantiate the MBean server101//102System.out.println("Create the MBean server");103MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();104// Register the SimpleStandardMBean105//106System.out.println("Create SimpleStandard MBean");107SimpleStandard s = new SimpleStandard("monitorRole");108mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));109// Create Properties containing the username/password entries110//111Properties props = new Properties();112props.setProperty("jmx.remote.x.password.file", passwordFile);113// Initialize environment map to be passed to the connector server114//115System.out.println("Initialize environment map");116HashMap env = new HashMap();117env.put("jmx.remote.authenticator",118new JMXPluggableAuthenticator(props));119// Set Security Manager120//121System.setSecurityManager(new SecurityManager());122// Create an RMI connector server123//124System.out.println("Create an RMI connector server");125JMXServiceURL url = new JMXServiceURL("rmi", null, 0);126127jmxcs =128JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);129jmxcs.start();130// Create an RMI connector client131//132System.out.println("Create an RMI connector client");133HashMap cli_env = new HashMap();134// These credentials must match those in the default password file135//136String[] credentials = new String[] { "monitorRole" , "QED" };137cli_env.put("jmx.remote.credentials", credentials);138jmxc = JMXConnectorFactory.connect(jmxcs.getAddress(), cli_env);139MBeanServerConnection mbsc = jmxc.getMBeanServerConnection();140// Get domains from MBeanServer141//142System.out.println("Domains:");143String domains[] = mbsc.getDomains();144for (int i = 0; i < domains.length; i++) {145System.out.println("\tDomain[" + i + "] = " + domains[i]);146}147// Get MBean count148//149System.out.println("MBean count = " + mbsc.getMBeanCount());150// Get State attribute151//152String oldState =153(String) mbsc.getAttribute(154new ObjectName("MBeans:type=SimpleStandard"),155"State");156System.out.println("Old State = \"" + oldState + "\"");157// Set State attribute158//159System.out.println("Set State to \"changed state\"");160mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),161new Attribute("State", "changed state"));162// Get State attribute163//164String newState =165(String) mbsc.getAttribute(166new ObjectName("MBeans:type=SimpleStandard"),167"State");168System.out.println("New State = \"" + newState + "\"");169if (!newState.equals("changed state")) {170System.out.println("Invalid State = \"" + newState + "\"");171System.exit(1);172}173// Add notification listener on SimpleStandard MBean174//175System.out.println("Add notification listener...");176mbsc.addNotificationListener(177new ObjectName("MBeans:type=SimpleStandard"),178new NotificationListener() {179public void handleNotification(Notification notification,180Object handback) {181System.out.println("Received notification: " +182notification);183}184},185null,186null);187// Unregister SimpleStandard MBean188//189System.out.println("Unregister SimpleStandard MBean...");190mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));191} catch (SecurityException e) {192if (testResult.equals("ko")) {193System.out.println("Got expected security exception = " + e);194} else {195System.out.println("Got unexpected security exception = " + e);196e.printStackTrace();197throw e;198}199} catch (Exception e) {200System.out.println("Unexpected exception caught = " + e);201e.printStackTrace();202throw e;203} finally {204// Close connector client205//206if (jmxc != null)207jmxc.close();208// Stop connector server209//210if (jmxcs != null)211jmxcs.stop();212// Say goodbye213//214System.out.println("Bye! Bye!");215}216}217}218219220