/** Returns true if the classname of associated authrealm is same as fully qualified FileRealm classname. * * @param as "This" Admin Service * @return true if associated authrealm is nonnull and its classname equals "com.sun.enterprise.security.auth.realm.file.FileRealm", false otherwise */ public static boolean usesFileRealm(AdminService as) { boolean usesFR = false; AuthRealm ar = as.getAssociatedAuthRealm(); //Note: This is type unsafe. if (ar != null && "com.sun.enterprise.security.auth.realm.file.FileRealm".equals(ar.getClassname())) usesFR = true; return usesFR; } }
public static JmxConnector getSystemJmxConnector(AdminService as) { List<JmxConnector> connectors = as.getJmxConnector(); for (JmxConnector connector : connectors) { if (as.getSystemJmxConnectorName().equals(connector.getName())) { return connector; } } return null; }
String realm = as.getSystemJmxConnector().getAuthRealmName(); //yes, for backward compatibility; if (realm == null) realm = as.getAuthRealmName();
public Object run(Config config) throws PropertyVetoException, TransactionFailure { AdminService adminService = config.createChild(AdminService.class); config.setAdminService(adminService); //dasConfig cannot be null. Add a dummy. DasConfig dc = adminService.createChild(DasConfig.class); adminService.setDasConfig(dc); for (int i = 0; i < parser.getAttributeCount(); i++) { String attr = parser.getAttributeLocalName(i); String val = parser.getAttributeValue(i); if (attr.equals("system-jmx-connector-name")) { adminService.setSystemJmxConnectorName(val); } if (attr.equals("type")) { adminService.setType(val); } } createJmxConnector(adminService); createAdminServiceProperty(adminService); return null; } }
@Override public Object run(AdminService adminService) throws PropertyVetoException, TransactionFailure { Property newProp = adminService.createChild(Property.class); adminService.getProperty().add(newProp); newProp.setName(propName); newProp.setValue(propValue); return newProp; } }, adminService);
AuthRealm realm = as.getAssociatedAuthRealm(); if (realm == null) { throw new RuntimeException("Warning: Configuration is bad, realm: " + as.getAuthRealmName() + " does not exist!");
for( JmxConnector jmxConnector : service.getJmxConnector()){ Ssl sslElement = jmxConnector.getSsl(); if(sslElement != null) {
if (parser.next() == START_ELEMENT) { if (parser.getLocalName().equals("jmx-connector")) { JmxConnector jc = as.createChild(JmxConnector.class); as.getJmxConnector().add(jc); for (int i = 0; i < parser.getAttributeCount(); i++) { String attr = parser.getAttributeLocalName(i);
@Override public synchronized void postConstruct() { secureAdmin = domain.getSecureAdmin(); // Ensure that the admin password is set as required if (as.usesFileRealm()) { try { AuthRealm ar = as.getAssociatedAuthRealm(); if (FileRealm.class.getName().equals(ar.getClassname())) { String adminKeyFilePath = ar.getPropertyValue("file"); FileRealm fr = new FileRealm(adminKeyFilePath); if (!fr.hasAuthenticatableUser()) { ADMSEC_LOGGER.log(Level.SEVERE, AdminLoggerInfo.mSecureAdminEmptyPassword); throw new IllegalStateException(ADMSEC_LOGGER.getResourceBundle() .getString(AdminLoggerInfo.mSecureAdminEmptyPassword)); } } } catch (Exception ex) { ADMSEC_LOGGER.log(Level.SEVERE, AdminLoggerInfo.mUnexpectedException, ex); throw new RuntimeException(ex); } } }
/** This is the place where the iteration for the {@link AuthRealm} for administration should be carried out * in server. A convenience method for the same. * * @param as AdminService implemented by those who implement the interface (outer interface). * @return AuthRealm instance for which the name is same as as.getAuthRealmName(), null otherwise. */ public static AuthRealm getAssociatedAuthRealm(AdminService as) { String rn = as.getAuthRealmName(); //this is the name of admin-service@auth-realm-name Config cfg = as.getParent(Config.class); //assumes the structure where <admin-service> resides directly under <config> SecurityService ss = cfg.getSecurityService(); List<AuthRealm> realms = ss.getAuthRealm(); for (AuthRealm realm : realms) { if (rn.equals(realm.getName())) return realm; } return null; }
if (authRealm.getName().equals(adminService.getAuthRealmName())) { fileAuthRealm = authRealm; break;
private JmxConnector writeableJmxConnector() throws TransactionFailure { if (jmxConnector_w == null) { final AdminService adminService = config_w.getAdminService(); if (adminService == null) { return null; } final JmxConnector jmxC = adminService.getSystemJmxConnector(); if (jmxC == null) { return null; } jmxConnector_w = t.enroll(jmxC); } return jmxConnector_w; }
private void setGuiContextRootFromAdminService(AdminService as) { for (Property p : as.getProperty()) { setGuiContextRoot(p); } } private void setGuiContextRoot(Property prop) {
public void postConstruct() { mBootAMX = BootAMX.create(mHabitat, mMBeanServer); final List<JmxConnector> configuredConnectors = mAdminService.getJmxConnector(); final boolean autoStart = false; mConnectorsStarterThread = new JMXConnectorsStarterThread( AdminAuthorizedMBeanServer.newInstance(mMBeanServer, serverEnv.isInstance(), mBootAMX), configuredConnectors, mBootAMX, !autoStart, this); mConnectorsStarterThread.start(); // start AMX *first* (if auto start) so that it's ready if (autoStart) { new BootAMXThread(mBootAMX).start(); } mEvents.register(new ShutdownListener()); }
public Object run(Config config) throws PropertyVetoException, TransactionFailure { AdminService adminService = config.createChild(AdminService.class); config.setAdminService(adminService); //dasConfig cannot be null. Add a dummy. DasConfig dc = adminService.createChild(DasConfig.class); adminService.setDasConfig(dc); for (int i = 0; i < parser.getAttributeCount(); i++) { String attr = parser.getAttributeLocalName(i); String val = parser.getAttributeValue(i); if (attr.equals("system-jmx-connector-name")) { adminService.setSystemJmxConnectorName(val); } if (attr.equals("type")) { adminService.setType(val); } } createAdminServiceProperty(adminService); return null; } }
if (as.usesFileRealm()) { final boolean isUsernamePasswordAuth = handleFileRealm(user, password); logger.log(Level.FINE, "Not a \"trusted sender\"; file realm user authentication {1} for admin user {0}", authenticated = true; final boolean isConsideredInAdminGroup = ( (as.getAssociatedAuthRealm().getGroupMapping() == null) || ensureGroupMembership(user, realm)); return isConsideredInAdminGroup
private void createAdminServiceProperty(AdminService as) throws PropertyVetoException { while (true) { try { if (parser.next() == START_ELEMENT) { if (parser.getLocalName().equals("property")) { Property p = as.createChild(Property.class); as.getProperty().add(p); createProperty(p); break; } } } catch (TransactionFailure ex) { logger.log( Level.SEVERE, failedToCreateAdminService, ex); } catch (XMLStreamException ex) { logger.log( Level.SEVERE, problemParsingAdminService, ex); } } }
/** This is the place where the iteration for the {@link AuthRealm} for administration should be carried out * in server. A convenience method for the same. * * @param as AdminService implemented by those who implement the interface (outer interface). * @return AuthRealm instance for which the name is same as as.getAuthRealmName(), null otherwise. */ public static AuthRealm getAssociatedAuthRealm(AdminService as) { String rn = as.getAuthRealmName(); //this is the name of admin-service@auth-realm-name Config cfg = as.getParent(Config.class); //assumes the structure where <admin-service> resides directly under <config> SecurityService ss = cfg.getSecurityService(); List<AuthRealm> realms = ss.getAuthRealm(); for (AuthRealm realm : realms) { if (rn.equals(realm.getName())) return realm; } return null; }
&& (authRealmName.equals(adminService.getAuthRealmName()))) { if (password.isEmpty()) { report.setMessage(localStrings.getLocalString(
/** * Returns if the SystemJMXConnector is secure or not * * @param instance * @return */ public boolean isSecureJMX(String instance) { String isSecure = "false"; if (domain.getServerNamed(instance) != null) { if (domain.getServerNamed(instance).getConfig().getAdminService().getSystemJmxConnector() != null) { isSecure = domain.getServerNamed(instance).getConfig().getAdminService().getSystemJmxConnector().getSecurityEnabled(); } } return Boolean.parseBoolean(isSecure); } }