Path: blob/master/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation3Test.java
41159 views
/*1* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 626183126* @summary Tests the use of the subject delegation feature on the authenticated27* principals within the RMI connector server's creator codebase with28* subject delegation.29* @author Luis-Miguel Alventosa30* @modules java.management.rmi31* java.management/com.sun.jmx.remote.security32* @run clean SubjectDelegation3Test SimpleStandard SimpleStandardMBean33* @run build SubjectDelegation3Test SimpleStandard SimpleStandardMBean34* @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy31 ok35* @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy32 ko36* @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy33 ko37* @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy34 ok38* @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy35 ko39*/4041import com.sun.jmx.remote.security.JMXPluggableAuthenticator;42import java.io.File;43import java.lang.management.ManagementFactory;44import java.rmi.RemoteException;45import java.rmi.registry.LocateRegistry;46import java.rmi.registry.Registry;47import java.util.Collections;48import java.util.HashMap;49import java.util.Properties;50import javax.management.Attribute;51import javax.management.MBeanServer;52import javax.management.MBeanServerConnection;53import javax.management.Notification;54import javax.management.NotificationListener;55import javax.management.ObjectName;56import javax.management.remote.JMXConnector;57import javax.management.remote.JMXConnectorFactory;58import javax.management.remote.JMXConnectorServer;59import javax.management.remote.JMXConnectorServerFactory;60import javax.management.remote.JMXPrincipal;61import javax.management.remote.JMXServiceURL;62import javax.security.auth.Subject;6364public class SubjectDelegation3Test {6566public static void main(String[] args) throws Exception {67String policyFile = args[0];68String testResult = args[1];69System.out.println("Policy file = " + policyFile);70System.out.println("Expected test result = " + testResult);71JMXConnectorServer jmxcs = null;72JMXConnector jmxc = null;73try {74// Create an RMI registry75//76System.out.println("Start RMI registry...");77Registry reg = null;78int port = 5800;79while (port++ < 6000) {80try {81reg = LocateRegistry.createRegistry(port);82System.out.println("RMI registry running on port " + port);83break;84} catch (RemoteException e) {85// Failed to create RMI registry...86System.out.println("Failed to create RMI registry " +87"on port " + port);88}89}90if (reg == null) {91System.exit(1);92}93// Set the default password file94//95final String passwordFile = System.getProperty("test.src") +96File.separator + "jmxremote.password";97System.out.println("Password file = " + passwordFile);98// Set policy file99//100final String policy = System.getProperty("test.src") +101File.separator + policyFile;102System.out.println("PolicyFile = " + policy);103System.setProperty("java.security.policy", policy);104// Instantiate the MBean server105//106System.out.println("Create the MBean server");107MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();108// Register the SimpleStandardMBean109//110System.out.println("Create SimpleStandard MBean");111SimpleStandard s = new SimpleStandard("delegate");112mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));113// Create Properties containing the username/password entries114//115Properties props = new Properties();116props.setProperty("jmx.remote.x.password.file", passwordFile);117// Initialize environment map to be passed to the connector server118//119System.out.println("Initialize environment map");120HashMap env = new HashMap();121env.put("jmx.remote.authenticator",122new JMXPluggableAuthenticator(props));123// Set Security Manager124//125System.setSecurityManager(new SecurityManager());126// Create an RMI connector server127//128System.out.println("Create an RMI connector server");129JMXServiceURL url =130new JMXServiceURL("rmi", null, 0);131jmxcs =132JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);133jmxcs.start();134// Create an RMI connector client135//136System.out.println("Create an RMI connector client");137HashMap cli_env = new HashMap();138// These credentials must match those in the default password file139//140String[] credentials = new String[] { "monitorRole" , "QED" };141cli_env.put("jmx.remote.credentials", credentials);142jmxc = JMXConnectorFactory.connect(jmxcs.getAddress(), cli_env);143Subject delegationSubject =144new Subject(true,145Collections.singleton(new JMXPrincipal("delegate")),146Collections.EMPTY_SET,147Collections.EMPTY_SET);148MBeanServerConnection mbsc =149jmxc.getMBeanServerConnection(delegationSubject);150// Get domains from MBeanServer151//152System.out.println("Domains:");153String domains[] = mbsc.getDomains();154for (int i = 0; i < domains.length; i++) {155System.out.println("\tDomain[" + i + "] = " + domains[i]);156}157// Get MBean count158//159System.out.println("MBean count = " + mbsc.getMBeanCount());160// Get State attribute161//162String oldState =163(String) mbsc.getAttribute(164new ObjectName("MBeans:type=SimpleStandard"),165"State");166System.out.println("Old State = \"" + oldState + "\"");167// Set State attribute168//169System.out.println("Set State to \"changed state\"");170mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),171new Attribute("State", "changed state"));172// Get State attribute173//174String newState =175(String) mbsc.getAttribute(176new ObjectName("MBeans:type=SimpleStandard"),177"State");178System.out.println("New State = \"" + newState + "\"");179if (!newState.equals("changed state")) {180System.out.println("Invalid State = \"" + newState + "\"");181System.exit(1);182}183// Add notification listener on SimpleStandard MBean184//185System.out.println("Add notification listener...");186mbsc.addNotificationListener(187new ObjectName("MBeans:type=SimpleStandard"),188new NotificationListener() {189public void handleNotification(Notification notification,190Object handback) {191System.out.println("Received notification: " +192notification);193}194},195null,196null);197// Unregister SimpleStandard MBean198//199System.out.println("Unregister SimpleStandard MBean...");200mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));201} catch (SecurityException e) {202if (testResult.equals("ko")) {203System.out.println("Got expected security exception = " + e);204} else {205System.out.println("Got unexpected security exception = " + e);206e.printStackTrace();207throw e;208}209} catch (Exception e) {210System.out.println("Unexpected exception caught = " + e);211e.printStackTrace();212throw e;213} finally {214// Close connector client215//216if (jmxc != null)217jmxc.close();218// Stop connector server219//220if (jmxcs != null)221jmxcs.stop();222// Say goodbye223//224System.out.println("Bye! Bye!");225}226}227}228229230