Apache
/
activemq-artemis
mirror of https://github.com/apache/activemq-artemis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ARTEMIS-1463 - add role based authentication to the JMX objects 

some example fixes

https://issues.apache.org/jira/browse/ARTEMIS-1463
This commit is contained in:
Andy Taylor 2017-10-17 09:42:05 +01:00 committed by Martyn Taylor
parent 93a99cc096
commit 12ad0120ad
7 changed files with 65 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
artemis-server/src/main/java/org/apache/activemq/artemis/core/server/management/ManagementConnector.java
View File

@ -44,9 +44,6 @@ public class ManagementConnector implements ActiveMQComponent {
@Override @Override
public void start() throws Exception { public void start() throws Exception {
ArtemisMBeanServerGuard guard = new ArtemisMBeanServerGuard();
guard.init();
rmiRegistryFactory = new RmiRegistryFactory(); rmiRegistryFactory = new RmiRegistryFactory();
rmiRegistryFactory.setPort(configuration.getConnectorPort()); rmiRegistryFactory.setPort(configuration.getConnectorPort());
rmiRegistryFactory.init(); rmiRegistryFactory.init();

3
examples/features/standard/jmx/pom.xml
View File

@ -61,9 +61,6 @@ under the License.
</goals> </goals>
<configuration> <configuration>
<ignore>${noServer}</ignore> <ignore>${noServer}</ignore>
<!-- options used for JMX on the example -->
<javaOptions>-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=3000 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
</javaOptions>
</configuration> </configuration>
</execution> </execution>
<execution> <execution>

2
examples/features/standard/jmx/src/main/java/org/apache/activemq/artemis/jms/example/JMXExample.java
View File

@ -80,7 +80,7 @@ public class JMXExample {
// Step 10. Create JMX Connector to connect to the server's MBeanServer // Step 10. Create JMX Connector to connect to the server's MBeanServer
HashMap env = new HashMap(); HashMap env = new HashMap();
String[] creds = {"admin", "password"}; String[] creds = {"guest", "guest"};
env.put(JMXConnector.CREDENTIALS, creds); env.put(JMXConnector.CREDENTIALS, creds);
JMXConnector connector = JMXConnectorFactory.connect(new JMXServiceURL(JMXExample.JMX_URL), env); JMXConnector connector = JMXConnectorFactory.connect(new JMXServiceURL(JMXExample.JMX_URL), env);

20
examples/features/standard/jmx/src/main/resources/activemq/server0/management.xml
View File

@ -22,19 +22,19 @@
<entry domain="hawtio"/> <entry domain="hawtio"/>
</whitelist> </whitelist>
<default-access> <default-access>
<access method="list*" roles="view,update,amq"/> <access method="list*" roles="view,update,amq,guest"/>
<access method="get*" roles="view,update,amq"/> <access method="get*" roles="view,update,amq,guest"/>
<access method="is*" roles="view,update,amq"/> <access method="is*" roles="view,update,amq,guest"/>
<access method="set*" roles="update,amq"/> <access method="set*" roles="update,amq,guest"/>
<access method="*" roles="amq"/> <access method="*" roles="amq,guest"/>
</default-access> </default-access>
<role-access> <role-access>
<match domain="org.apache.activemq.apache"> <match domain="org.apache.activemq.apache">
<access method="list*" roles="view,update,amq"/> <access method="list*" roles="view,update,amq,guest"/>
<access method="get*" roles="view,update,amq"/> <access method="get*" roles="view,update,amq,guest"/>
<access method="is*" roles="view,update,amq"/> <access method="is*" roles="view,update,amq,guest"/>
<access method="set*" roles="update,amq"/> <access method="set*" roles="update,amq,guest"/>
<access method="*" roles="amq"/> <access method="*" roles="amq,guest"/>
</match> </match>
<!--example of how to configure a specific object--> <!--example of how to configure a specific object-->
<!--<match domain="org.apache.activemq.apache" key="subcomponent=queues"> <!--<match domain="org.apache.activemq.apache" key="subcomponent=queues">

2
examples/features/standard/message-counters/pom.xml
View File

@ -61,8 +61,6 @@ under the License.
</goals> </goals>
<configuration> <configuration>
<ignore>${noServer}</ignore> <ignore>${noServer}</ignore>
<javaOptions>-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=3001 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
</javaOptions>
</configuration> </configuration>
</execution> </execution>
<execution> <execution>

7
examples/features/standard/message-counters/src/main/java/org/apache/activemq/artemis/jms/example/MessageCounterExample.java
View File

@ -44,7 +44,7 @@ import org.apache.activemq.artemis.api.core.management.QueueControl;
*/ */
public class MessageCounterExample { public class MessageCounterExample {
private static final String JMX_URL = "service:jmx:rmi:///jndi/rmi://localhost:3001/jmxrmi"; private static final String JMX_URL = "service:jmx:rmi:///jndi/rmi://localhost:1099/jmxrmi";
public static void main(final String[] args) throws Exception { public static void main(final String[] args) throws Exception {
QueueConnection connection = null; QueueConnection connection = null;
@ -75,7 +75,10 @@ public class MessageCounterExample {
// Step 7. Use JMX to retrieve the message counters using the JMSQueueControl // Step 7. Use JMX to retrieve the message counters using the JMSQueueControl
ObjectName on = ObjectNameBuilder.DEFAULT.getQueueObjectName(SimpleString.toSimpleString(queue.getQueueName()), SimpleString.toSimpleString(queue.getQueueName()), RoutingType.ANYCAST); ObjectName on = ObjectNameBuilder.DEFAULT.getQueueObjectName(SimpleString.toSimpleString(queue.getQueueName()), SimpleString.toSimpleString(queue.getQueueName()), RoutingType.ANYCAST);
JMXConnector connector = JMXConnectorFactory.connect(new JMXServiceURL(JMX_URL), new HashMap<String, Object>()); HashMap env = new HashMap();
String[] creds = {"guest", "guest"};
env.put(JMXConnector.CREDENTIALS, creds);
JMXConnector connector = JMXConnectorFactory.connect(new JMXServiceURL(JMX_URL), env);
MBeanServerConnection mbsc = connector.getMBeanServerConnection(); MBeanServerConnection mbsc = connector.getMBeanServerConnection();
QueueControl queueControl = MBeanServerInvocationHandler.newProxyInstance(mbsc, on, QueueControl.class, false); QueueControl queueControl = MBeanServerInvocationHandler.newProxyInstance(mbsc, on, QueueControl.class, false);

49
examples/features/standard/message-counters/src/main/resources/activemq/server0/management.xml Normal file
View File

@ -0,0 +1,49 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one or more
~ contributor license agreements. See the NOTICE file distributed with
~ this work for additional information regarding copyright ownership.
~ The ASF licenses this file to You under the Apache License, Version 2.0
~ (the "License"); you may not use this file except in compliance with
~ the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<management-context xmlns="http://activemq.org/schema">
<connector connector-port="1099" connector-host="127.0.0.1"/>
<authorisation>
<whitelist>
<entry domain="hawtio"/>
</whitelist>
<default-access>
<access method="list*" roles="view,update,amq,guest"/>
<access method="get*" roles="view,update,amq,guest"/>
<access method="is*" roles="view,update,amq,guest"/>
<access method="set*" roles="update,amq,guest"/>
<access method="*" roles="amq, guest"/>
</default-access>
<role-access>
<match domain="org.apache.activemq.apache">
<access method="list*" roles="view,update,amq,guest"/>
<access method="get*" roles="view,update,amq,guest"/>
<access method="is*" roles="view,update,amq,guest"/>
<access method="set*" roles="update,amq,guest"/>
<access method="*" roles="amq,guest"/>
</match>
<!--example of how to configure a specific object-->
<!--<match domain="org.apache.activemq.apache" key="subcomponent=queues">
<access method="list*" roles="view,update,amq"/>
<access method="get*" roles="view,update,amq"/>
<access method="is*" roles="view,update,amq"/>
<access method="set*" roles="update,amq"/>
<access method="*" roles="amq"/>
</match>-->
</role-access>
</authorisation>
</management-context>