diff options
| author | Martin Ritchie <ritchiem@apache.org> | 2008-12-12 11:28:49 +0000 |
|---|---|---|
| committer | Martin Ritchie <ritchiem@apache.org> | 2008-12-12 11:28:49 +0000 |
| commit | b3b5ebbe8ba5ac5870b826dbf282eefa5a8dc6e4 (patch) | |
| tree | 9458336abc5c6c74e04344d6b7beae579336bac3 /qpid/java/management/eclipse-plugin/src | |
| parent | 6b78c074435c5a49e5bdc649df0c05dcf0d26332 (diff) | |
| download | qpid-python-b3b5ebbe8ba5ac5870b826dbf282eefa5a8dc6e4.tar.gz | |
QPID-1506 : Patch provided by Robert Gemmell to autonegotiate connections
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk@725970 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/management/eclipse-plugin/src')
3 files changed, 161 insertions, 75 deletions
diff --git a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/ApplicationRegistry.java b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/ApplicationRegistry.java index 373ac24e0f..f3b9943cbb 100644 --- a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/ApplicationRegistry.java +++ b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/ApplicationRegistry.java @@ -42,7 +42,6 @@ public abstract class ApplicationRegistry private static ImageRegistry imageRegistry = new ImageRegistry(); private static FontRegistry fontRegistry = new FontRegistry(); public static final boolean debug = Boolean.getBoolean("eclipse.consoleLog"); - public static final String securityMechanism = System.getProperty("security", null); public static final long timeout = Long.parseLong(System.getProperty("timeout", "5000")); static @@ -133,10 +132,5 @@ public abstract class ApplicationRegistry _closedServerList.clear(); return list; } - - public static String getSecurityMechanism() - { - return securityMechanism; - } } diff --git a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/jmx/JMXServerRegistry.java b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/jmx/JMXServerRegistry.java index bc37521ded..b27661e56c 100644 --- a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/jmx/JMXServerRegistry.java +++ b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/jmx/JMXServerRegistry.java @@ -22,6 +22,7 @@ package org.apache.qpid.management.ui.jmx; import static org.apache.qpid.management.ui.Constants.*; +import java.io.IOException; import java.security.Security; import java.util.ArrayList; import java.util.Collections; @@ -65,6 +66,7 @@ public class JMXServerRegistry extends ServerRegistry private JMXConnector _jmxc = null; private MBeanServerConnection _mbsc = null; private Exception _connectionException = null; + private String _securityMechanism = null; private List<String> _usersList; // When an mbean gets removed from mbean server, then the notification listener @@ -97,101 +99,181 @@ public class JMXServerRegistry extends ServerRegistry public JMXServerRegistry(ManagedServer server) throws Exception { super(server); - String securityMechanism = ApplicationRegistry.getSecurityMechanism(); - - if (securityMechanism != null) - { - createSASLConnector(securityMechanism); + + long timeNow; + + //auto-negotiate an RMI or JMXMP (SASL/CRAM-MD5 or SASL/PLAIN) JMX connection to broker + try + { + timeNow = System.currentTimeMillis(); + createJMXconnector("RMI"); + } + catch (IOException rmiIOE) + { + // check if the ioe was raised because we tried connecting to a non RMI-JRMP based JMX server + boolean jrmpServer = !rmiIOE.getMessage().contains("non-JRMP server at remote endpoint"); + + if (jrmpServer) + { + IOException nioe = new IOException(); + nioe.initCause(rmiIOE); + throw nioe; + } + else + { + try + { + //It wasnt an RMI ConnectorServer at the broker end. Try to establish a JMXMP SASL/CRAM-MD5 connection instead. + timeNow = System.currentTimeMillis(); + createJMXconnector("JMXMP_CRAM-MD5"); + } + catch (IOException cramIOE) + { + // check if the IOE was raised because we tried connecting to a SASL/PLAIN server using SASL/CRAM-MD5 + boolean plainProfileServer = cramIOE.getMessage().contains("The server supported profiles [SASL/PLAIN]" + + " do not match the client required profiles [SASL/CRAM-MD5]"); + + if (!plainProfileServer) + { + IOException nioe = new IOException(); + nioe.initCause(cramIOE); + throw nioe; + } + else + { + try + { + // Try to establish a JMXMP SASL/PLAIN connection instead. + timeNow = System.currentTimeMillis(); + createJMXconnector("JMXMP_PLAIN"); + } + catch (IOException plainIOE) + { + /* Out of options now. Check that the IOE was raised because we tried connecting to a server + * which didnt support SASL/PLAIN. If so, signal an unknown profile type. If not, raise the exception. */ + boolean unknownProfile = cramIOE.getMessage().contains("do not match the client required profiles [SASL/PLAIN]"); + + if (unknownProfile) + { + throw new Exception("Unknown JMXMP authentication mechanism, unable to connect."); + } + else + { + IOException nioe = new IOException(); + nioe.initCause(plainIOE); + throw nioe; + } + } + } + } + } + } + + if (_connected) + { + _mbsc = _jmxc.getMBeanServerConnection(); + + _clientListener = new ClientListener(server); + _notificationListener = new ClientNotificationListener(server); + + _jmxc.addConnectionNotificationListener(_clientListener, null, null); + _serverObjectName = new ObjectName("JMImplementation:type=MBeanServerDelegate"); + _mbsc.addNotificationListener(_serverObjectName, _clientListener, null, null); } else { - _jmxUrl = new JMXServiceURL(server.getUrl()); - _jmxc = JMXConnectorFactory.connect(_jmxUrl, null); + if (System.currentTimeMillis() - timeNow >= ApplicationRegistry.timeout) + throw new Exception("Qpid server connection timed out"); + else + throw new Exception("Qpid server connection failed"); } - - _mbsc = _jmxc.getMBeanServerConnection(); - - _clientListener = new ClientListener(server); - _notificationListener = new ClientNotificationListener(server); - - _jmxc.addConnectionNotificationListener(_clientListener, null, null); - _serverObjectName = new ObjectName("JMImplementation:type=MBeanServerDelegate"); - _mbsc.addNotificationListener(_serverObjectName, _clientListener, null, null); } - + public MBeanServerConnection getServerConnection() { return _mbsc; } - - private void createSASLConnector(String mech) throws Exception + + private void createJMXconnector(String connectionType) throws IOException, Exception { - String text = "Security mechanism " + mech + " is not supported."; - String jmxmpcClass="javax.management.remote.jmxmp.JMXMPConnector"; - // Check if the JMXMPConnector is available to provide SASL support - try + if (connectionType == "RMI") { - Class connectorClass = Class.forName(jmxmpcClass, false, this.getClass().getClassLoader()); + _securityMechanism = MECH_PLAIN; + + _jmxUrl = new JMXServiceURL(getManagedServer().getUrl()); + _env = null; } - catch(ClassNotFoundException cnfe) + else if (connectionType.contains("JMXMP")) { - throw new Exception("JMXMPConnector class was not found, security unavailable."); - } + // Check that the JMXMPConnector is available to provide SASL support + final String jmxmpcClass = "javax.management.remote.jmxmp.JMXMPConnector"; - _jmxUrl = new JMXServiceURL("jmxmp", getManagedServer().getHost(), getManagedServer().getPort()); - _env = new HashMap<String, Object>(); - CallbackHandler handler; - - /* set the package in which to find the JMXMP ClientProvider.class file - * loaded by the jmxremote.sasl plugin (from the jmxremote_optional.jar) */ - _env.put("jmx.remote.protocol.provider.pkgs","com.sun.jmx.remote.protocol"); + try + { + Class.forName(jmxmpcClass, false, this.getClass().getClassLoader()); + } + catch (ClassNotFoundException cnfe) + { + throw new Exception("JMXMPConnector class not found, unable to connect to specified server.\n\n" + + "Please add the jmxremote_optional.jar to the jmxremote.sasl plugin folder, or the classpath."); + } - if (MECH_CRAMMD5.equals(mech)) - { - // For SASL/CRAM-MD5 - Map<String, Class<? extends SaslClientFactory>> map = new HashMap<String, Class<? extends SaslClientFactory>>(); - Class<?> clazz = Class.forName("org.apache.qpid.management.ui.sasl.CRAMMD5HashedSaslClientFactory"); - map.put("CRAM-MD5-HASHED", (Class<? extends SaslClientFactory>) clazz); + _jmxUrl = new JMXServiceURL("jmxmp", getManagedServer().getHost(), getManagedServer().getPort()); + _env = new HashMap<String, Object>(); - Security.addProvider(new JCAProvider(map)); - handler = new UsernameHashedPasswordCallbackHandler(getManagedServer().getUser(), - getManagedServer().getPassword()); - _env.put("jmx.remote.profiles", SASL_CRAMMD5); - _env.put("jmx.remote.sasl.callback.handler", handler); - - } - else if (MECH_PLAIN.equals(mech)) - { - // For SASL/PLAIN - Security.addProvider(new SaslProvider()); - handler = new UserPasswordCallbackHandler(getManagedServer().getUser(), getManagedServer().getPassword()); - _env.put("jmx.remote.profiles", SASL_PLAIN); - _env.put("jmx.remote.sasl.callback.handler", handler); + /* set the package in which to find the JMXMP ClientProvider.class file loaded by the + * jmxremote.sasl plugin (from the jmxremote_optional.jar) */ + _env.put("jmx.remote.protocol.provider.pkgs", "com.sun.jmx.remote.protocol"); + + if (connectionType == "JMXMP_CRAM-MD5") + { + _securityMechanism = MECH_CRAMMD5; + + Map<String, Class<? extends SaslClientFactory>> map = new HashMap<String, Class<? extends SaslClientFactory>>(); + Class<?> clazz = Class.forName("org.apache.qpid.management.ui.sasl.CRAMMD5HashedSaslClientFactory"); + map.put("CRAM-MD5-HASHED", (Class<? extends SaslClientFactory>) clazz); + Security.addProvider(new JCAProvider(map)); + + CallbackHandler handler = new UsernameHashedPasswordCallbackHandler( + getManagedServer().getUser(), + getManagedServer().getPassword()); + _env.put("jmx.remote.profiles", SASL_CRAMMD5); + _env.put("jmx.remote.sasl.callback.handler", handler); + } + else if (connectionType == "JMXMP_PLAIN") + { + _securityMechanism = MECH_PLAIN; + + Security.addProvider(new SaslProvider()); + CallbackHandler handler = new UserPasswordCallbackHandler(getManagedServer().getUser(), getManagedServer().getPassword()); + _env.put("jmx.remote.profiles", SASL_PLAIN); + _env.put("jmx.remote.sasl.callback.handler", handler); + } + else + { + throw new Exception("Unknown authentication mechanism"); + } } else { - MBeanUtility.printOutput(text); - throw new Exception(text); + throw new Exception("Unknown connection type"); } Thread connectorThread = new Thread(new ConnectorThread()); connectorThread.start(); - long timeNow = System.currentTimeMillis(); connectorThread.join(ApplicationRegistry.timeout); - + if (_connectionException != null) { throw _connectionException; } - if (!_connected) - { - if (System.currentTimeMillis() - timeNow >= ApplicationRegistry.timeout) - throw new Exception("Qpid server connection timed out"); - else - throw new Exception("Qpid server connection failed"); - } } - + + public String getSecurityMechanism() + { + return _securityMechanism; + } + private class ConnectorThread implements Runnable { public void run() @@ -208,10 +290,10 @@ public class JMXServerRegistry extends ServerRegistry catch (Exception ex) { _connectionException = ex; - MBeanUtility.printStackTrace(ex); } } } + /** * removes all listeners from the mbean server. This is required when user * disconnects the Qpid server connection diff --git a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java index f2cd594684..6426a91e59 100644 --- a/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java +++ b/qpid/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java @@ -22,7 +22,6 @@ package org.apache.qpid.management.ui.views; import java.util.ArrayList; import java.util.Collection; -import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map.Entry; @@ -34,6 +33,8 @@ import static org.apache.qpid.management.ui.Constants.*; import org.apache.qpid.management.ui.ApplicationRegistry; import org.apache.qpid.management.ui.ManagedBean; +import org.apache.qpid.management.ui.ServerRegistry; +import org.apache.qpid.management.ui.jmx.JMXServerRegistry; import org.apache.qpid.management.ui.jmx.MBeanUtility; import org.apache.qpid.management.ui.model.OperationData; import org.apache.qpid.management.ui.model.ParameterData; @@ -69,6 +70,7 @@ import org.eclipse.ui.forms.widgets.FormToolkit; * Control class for the MBean operations tab. It creates the required widgets * for the selected MBean. * @author Bhupendra Bhardwaj + * @author Robert Gemmell */ public class OperationTabControl extends TabControl { @@ -604,7 +606,15 @@ public class OperationTabControl extends TabControl } // customized for passwords - String securityMechanism = ApplicationRegistry.getSecurityMechanism(); + String securityMechanism = ""; + ServerRegistry serverReg = ApplicationRegistry.getServerRegistry(_mbean); + + if (serverReg instanceof JMXServerRegistry) + { + JMXServerRegistry jmxServerReg = (JMXServerRegistry) ApplicationRegistry.getServerRegistry(_mbean); + securityMechanism = jmxServerReg.getSecurityMechanism(); + } + if ((MECH_CRAMMD5.equals(securityMechanism)) && PASSWORD.equalsIgnoreCase(param.getName())) { try |