8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: Agent.java,v 1.9 2009/11/10 01:33:22 bigfatrat Exp $
a4544a5a0e622ef69e38641f87ab1b5685e05911Phill Cunnington * Portions Copyrighted 2011-2015 ForgeRock AS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.management.comm.SnmpAdaptorServer;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.management.snmp.SnmpStatusException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.InstanceAlreadyExistsException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.InstanceNotFoundException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.MBeanRegistrationException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.MalformedObjectNameException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.NotCompliantMBeanException;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport javax.management.RuntimeOperationsException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport javax.management.remote.JMXConnectorServer;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport javax.management.remote.JMXConnectorServerFactory;
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Lunaimport org.forgerock.openam.monitoring.cts.CtsConnectionFailureRate;
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Lunaimport org.forgerock.openam.monitoring.cts.CtsConnectionSuccessRate;
dcaf67650b5323dbf22121c7bf12be9be903f8c5David Lunaimport org.forgerock.openam.monitoring.cts.CtsMonitoring;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport org.forgerock.openam.monitoring.cts.FORGEROCK_OPENAM_CTS_MIB;
88f608b8855a99b19653376900fc5f234b7e771cDavid Lunaimport org.forgerock.openam.monitoring.cts.FORGEROCK_OPENAM_CTS_MIBImpl;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.FORGEROCK_OPENAM_POLICY_MIB;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.FORGEROCK_OPENAM_POLICY_MIBImpl;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.PolicyEvaluation;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.SelfEvaluation;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.SelfTiming;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.SubtreeEvaluation;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Lunaimport org.forgerock.openam.monitoring.policy.SubtreeTiming;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Lunaimport org.forgerock.openam.monitoring.session.CtsSessions;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Lunaimport org.forgerock.openam.monitoring.session.FORGEROCK_OPENAM_SESSION_MIB;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Lunaimport org.forgerock.openam.monitoring.session.FORGEROCK_OPENAM_SESSION_MIBImpl;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Lunaimport org.forgerock.openam.monitoring.session.InternalSessions;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Lunaimport org.forgerock.openam.monitoring.session.RemoteSessions;
87d68743726585ee101ba2e7be2cf06cd34ebb80Neil Maddenimport org.forgerock.openam.monitoring.session.StatelessSessions;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The Agent class provides a simple example on how to use the SNMP
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * protocol adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * A subset of MIB II (RFC1213) is implemented. The MIB is loaded and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * initialized. As such you can now see the MIB using your favorite
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SNMP manager, or you can use a web browser and see the MIB through
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the HTML adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When calling the program, you can specify:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * - nb_traps: number of traps the SNMP agent will send.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If not specified, the agent will send traps continuously.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * In this example, the SNMP adaptor is started on port 8085, and the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * traps are sent to the port 8086, i.e. non standard ports for SNMP.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * As such you do not need to be root to start the agent.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static SnmpAdaptorServer snmpAdaptor = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static HtmlAdaptorServer htmlAdaptor = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This variable defines the number of traps this agent has to send.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If not specified in the command line arguments, the traps will be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sent continuously.
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna private static ObjectName forgerockCtsMibObjName;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna private static ObjectName forgerockPolicyMibObjName;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna private static ObjectName forgerockSessionMibObjName;
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott private static Map<String, String> siteIdTable;
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott private static Map<String, String> serverIDTable;
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott private static Map<String, String> namingTable;
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna //static mib references
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna static FORGEROCK_OPENAM_CTS_MIBImpl forgerockCtsMib;
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna static FORGEROCK_OPENAM_POLICY_MIBImpl forgerockPolicyMib;
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna static FORGEROCK_OPENAM_SESSION_MIBImpl forgerockSessionMib;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, Integer> realm2Index = new HashMap<String, Integer>(); // realm name to index map
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<Integer, String> index2Realm = new HashMap<Integer, String>(); // index to realm name map
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, String> realm2DN = new HashMap<String, String>(); // realm name to DN map
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, String> DN2Realm = new HashMap(); // DN to realm name map
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, SsoServerAuthModulesEntryImpl> realmAuthInst =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new HashMap<String, SsoServerAuthModulesEntryImpl>(); // realm|authname entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, SsoServerSAML2IDPEntryImpl> realmSAML2IDPs =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new HashMap<String, SsoServerSAML2IDPEntryImpl>(); // realm|idp entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Map<String, SsoServerSAML2SPEntryImpl> realmSAML2SPs =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new HashMap<String, SsoServerSAML2SPEntryImpl>(); // realm|sp entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final int MON_CONFIG_DISABLED = -1;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final int MON_MBEANSRVR_PROBLEM = -2;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final int MON_RMICONNECTOR_PROBLEM = -3;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final int MON_CREATEMIB_PROBLEM = -4;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final int MON_READATTRS_PROBLEM = -5;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Agent constructor
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (monitoringEnabled && monRmiPortEnabled && (cs != null)) {
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna server.unregisterMBean(forgerockPolicyMibObjName);
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna server.unregisterMBean(forgerockSessionMibObjName);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Agent.stopRMI: error unregistering MBean:" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Agent.stopRMI: error unregistering MBean:" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster UnicastRemoteObject.unexportObject(registry, true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning("Agent.stopRMI:rmi adaptor stopped.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error("Agent.stopRMI: error stopping monitoring " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning("Agent.stopRMI: cs is null, or " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "monitoring or RMI port not enabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (monitoringEnabled && monSnmpPortEnabled && (snmpAdaptor != null)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning("Agent.stopRMI:snmp adaptor stopped.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (monitoringEnabled && monHtmlPortEnabled && (htmlAdaptor != null)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning("Agent.stopRMI:html adaptor stopped.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Receives Site and Server configuration information from
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * WebtopNaming. Information is saved and the corresponding
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Monitoring MBeans are created after the Agent ports are started.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void siteAndServerInfo(SSOServerInfo svrInfo) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This method starts up the monitoring agent. Returns either
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * zero (0) if intialization has completed successfully, or one (1)
2fe1e6ab330f5f88e97684012ff29cde7e61c9c4Dirk Hogan * @param srvInfo Server information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static void startMonitoringAgent(SSOServerInfo svrInfo) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "Agent.startMonitoringAgent:";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * ServerIDTable has form:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <proto>://<host>:<port>/<uri>=nn,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * while NamingTable has form
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * nn=<proto>://<host>:<port>/<uri>
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna new StringBuilder("Agent.startMonitoringAgent:ServerInfo:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" ServerID = ").append(ssoServerID).append("\n").
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(" SiteID = ").append(ssoSiteID).append("\n").
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(" ServerProtocol = ").append(ssoProtocol).
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(" ServerName = ").append(ssoName).append("\n").
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(" ServerURI = ").append(ssoURI).append("\n").
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(" IsEmbeddedDS = ").append(dsIsEmbedded).append("\n").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * can get this server's URL from the naming table, using
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * its serverID. get the site's URL with siteID
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" Naming table entry for serverID ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((svrURL != null) && (svrURL.length() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((svrURL != null) && (svrURL.length() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" start date/time = ").append(startDate);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there's a site configured, then siteIdTable will contain
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the serverIDs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((siteIdTable != null) && !siteIdTable.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : siteIdTable.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * print out the serverIDTable
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((serverIDTable != null) && !serverIDTable.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : serverIDTable.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" server ").append(entry.getKey()).append(" ==> svrid ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * print out the namingTable
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((namingTable != null) && !namingTable.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = ks.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" key ").append(svr).append(" ==> value ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This method starts up the monitoring agent from the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * common/ConfigMonitoring module (load-on-startup or at the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * end of AMSetupServlet/configuration). Since web-app startup
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * is sensitive to exceptions in load-on-startup stuff, this has
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * quite a few try/catch blocks.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If any of HTML, SNMP, or RMI adaptors has a problem getting created
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * or started, attempts to create/start the others will be made; If
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * at least one adaptor is started, monitoring will be "active"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (Agent.isRunning() will return true).
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * @param monConfig SSOServerMonConfig structure of OpenAM configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return 0 (zero) if at least one of HTML/SNMP/RMI adaptors started up;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MON_CONFIG_DISABLED:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if monitoring configured as disabled
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MON_MBEANSRVR_PROBLEM:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if MBeanServer problem encountered
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MON_RMICONNECTOR_PROBLEM:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if RMI connector problem
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (MIB not registered with MBeanServer)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MON_CREATEMIB_PROBLEM:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if problem creating/registering MIB
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static int startAgent (SSOServerMonConfig monConfig) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster monitoringEnabled = monConfig.monitoringEnabled;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster monHtmlPortEnabled = monConfig.monHtmlPortEnabled;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster monSnmpPortEnabled = monConfig.monSnmpPortEnabled;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster monRmiPortEnabled = monConfig.monRmiPortEnabled;
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee // OpenAM server port comes from WebtopNaming.siteAndServerInfo
636f2dcf39bd5b102f4204903069609d12a7dcd6jeff.schenk // Check for Legacy MonAuthFile.
636f2dcf39bd5b102f4204903069609d12a7dcd6jeff.schenk if ( (monAuthFilePath != null) && (monAuthFilePath.endsWith("opensso_mon_auth")) )
636f2dcf39bd5b102f4204903069609d12a7dcd6jeff.schenk // Perform a rename of the old filename to the latest naming.
636f2dcf39bd5b102f4204903069609d12a7dcd6jeff.schenk File newMonAuthFile = new File(monAuthFile.getParentFile()+"/"+"openam_mon_auth");
636f2dcf39bd5b102f4204903069609d12a7dcd6jeff.schenk monAuthFilePath = newMonAuthFile.getAbsolutePath();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * there are a lot of exception checks in this method, as
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * it's invoked from a load-on-startup servlet. if it
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * chokes in here, OpenAM won't start up.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning(classMethod + "Monitoring configured as disabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * verify that the HTML, SNMP and RMI ports aren't the same as
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * the OpenAM server port. if HTML or SNMP conflict with it,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * then they'll be disabled (warning message). if the RMI port
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * conflicts, then all of monitoring is disabled. there might
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * be other ports that should be checked.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "RMI port conflicts with OpenSSO server port (" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "HTML port conflicts with OpenSSO server port (" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SNMP port conflicts with OpenSSO server port (" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * odd. if serverPort's not a valid int, then there'll be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * other problems
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna debug.error(classMethod + "Server port (" + serverPort +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna " monitoring Enabled = " + monitoringEnabled + "\n" +
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna " SessionWindow size = " + sessionWindow + "\n" +
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * if OpenAM's deployed on a container that has MBeanServer(s),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * will the findMBeanServer(null) "find" those? if so,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * is using the first one the right thing to do?
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster servers = MBeanServerFactory.findMBeanServer(null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if can't find one, try creating one below, although
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there's no findMBeanServer permission, it's unlikely
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * that there's a createMBeanServer permission...
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "findMBeanServer permission error: " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "MBeanServer list is not empty: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server = MBeanServerFactory.createMBeanServer();
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "createMBeanServer permission error: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "createMBeanServer JMRuntime error: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "createMBeanServer ClassCast error: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String domain = server.getDefaultDomain(); // throws no exception
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create the MIB II (RFC 1213), add to the MBean server.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna new ObjectName("snmp:class=SUN_OPENSSO_SERVER_MIB");
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna new ObjectName("snmp:class=FORGEROCK_OPENAM_CTS_MIB");
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna new ObjectName("snmp:class=FORGEROCK_OPENAM_POLICY_MIB");
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna new ObjectName("snmp:class=FORGEROCK_OPENAM_SESSION_MIB");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Adding SUN_OPENSSO_SERVER_MIB to MBean server " +
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna "Adding FORGEROCK_OPENAM_CTS_MIB to MBean server " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from ObjectName
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error getting ObjectName for the MIB: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create an instance of the customized MIB
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna forgerockCtsMib = new FORGEROCK_OPENAM_CTS_MIBImpl();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna forgerockPolicyMib = new FORGEROCK_OPENAM_POLICY_MIBImpl();
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna forgerockSessionMib = new FORGEROCK_OPENAM_SESSION_MIBImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error (classMethod + "Runtime error instantiating MIB", ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error (classMethod + "Error instantiating MIB", ex);
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna server.registerMBean(forgerockCtsMib, forgerockCtsMibObjName);
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna server.registerMBean(forgerockPolicyMib, forgerockPolicyMibObjName);
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna server.registerMBean(forgerockSessionMib, forgerockSessionMibObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Null parameter or no object name for MIB specified: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering MIB MBean: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // probably can just continue
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering MIB MBean: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering MIB MBean: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * now that we have the MBeanServer, see if the HTML,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SNMP and RMI adaptors specified will start up
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean monHTMLStarted = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean monSNMPStarted = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean monRMIStarted = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // HTML port adaptor
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create and start the HTML adaptor.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ":class=HtmlAdaptorServer,protocol=html,port=" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Adding HTML adaptor to MBean server with name '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "HTML adaptor is bound on TCP port " + monHtmlPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, String> users = MonitoringUtil.getMonAuthList(monAuthFilePath);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AuthInfo authInfo[] = new AuthInfo[users.size()];
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : users.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster authInfo[i] = new AuthInfo(entry.getKey(), entry.getValue());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster htmlAdaptor = new HtmlAdaptorServer(monHtmlPort, authInfo);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "HTML monitoring interface disabled; no " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "authentication file found");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Monitoring HTML adaptor not started.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server.registerMBean(htmlAdaptor, htmlObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from ObjectName
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error getting ObjectName for HTML adaptor: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from ObjectName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "NPE getting ObjectName for HTML adaptor", ex);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "NPE getting ObjectName for HTML adaptor: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering HTML adaptor MBean: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering HTML adaptor MBean: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from registerMBean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error registering HTML adaptor MBean: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Monitoring HTML port not enabled in configuration.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // SNMP port adaptor
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // SNMP specific code:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Create and start the SNMP adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Specify the port to use in the constructor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The standard port for SNMP is 161.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ":class=SnmpAdaptorServer,protocol=snmp,port=" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Adding SNMP adaptor to MBean server with name '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SNMP Adaptor is bound on UDP port " + monSnmpPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster snmpAdaptor = new SnmpAdaptorServer(monSnmpPort); // no exc
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Unable to get SNMP adaptor.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server.registerMBean(snmpAdaptor, snmpObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Send a coldStart SNMP Trap.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Use port = monSnmpPort+1.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Sending a coldStart SNMP trap to each " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "destination defined in the ACL file...");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster snmpAdaptor.setTrapPort(new Integer(monSnmpPort+1));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "Done sending coldStart.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Bind the SNMP adaptor to the MIB in order to make the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MIB accessible through the SNMP protocol adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If this step is not performed, the MIB will still live
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in the Java DMK agent:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * its objects will be addressable through HTML but not
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna sunMib.setSnmpAdaptor(snmpAdaptor); // throws no exception
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error while setting up SNMP adaptor " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ex instanceof IOException || ex instanceof SnmpStatusException) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna // should be from the snmpV1Trap call, which
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna //*shouldn't* affect the rest of snmp operations...
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Monitoring SNMP port not enabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // RMI port adaptor
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create an RMI connector and start it
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster registry = LocateRegistry.createRegistry(monRmiPort);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "service:jmx:rmi:///jndi/rmi://localhost:" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cs = JMXConnectorServerFactory.newJMXConnectorServer(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// * Create a LinkTrapGenerator.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// * Specify the ifIndex to use in the object name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// String trapGeneratorClass = "LinkTrapGenerator";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// int ifIndex = 1;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// trapGeneratorObjName = new ObjectName("trapGenerator" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// ":class=LinkTrapGenerator,ifIndex=" + ifIndex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// debug.message(classMethod +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// "Adding LinkTrapGenerator to MBean server " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// "with name '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// trapGeneratorObjName + "'");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// LinkTrapGenerator trapGenerator =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// new LinkTrapGenerator(nbTraps);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster// server.registerMBean(trapGenerator, trapGeneratorObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * from JMXServiceURL or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * JMXConnectorServerFactory.JMXConnectorServer
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error getting JMXServiceURL or JMXConnectorServer " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * from JMXServiceURL or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * JMXConnectorServerFactory.JMXConnectorServer
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error getting JMXServiceURL or JMXConnectorServer " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * from JMXConnectorServerFactory.JMXConnectorServer or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * JMXConnectorServer.start
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error getting JMXConnectorServer for, or starting " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // from JMXConnectorServer.start
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Illegal State Error from JMXConnectorServer for " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compiler says that JMXProviderException and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * NullPointerException already caught
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error starting RMI: executing rmiregistry " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning(classMethod + "Monitoring RMI port not enabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the HTML and SNMP adaptors may or may not be started,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * but if the RMI connector had a problem, monitoring is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * non-functional, as the opensso MIB didn't get registered.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!monRMIStarted && !monSNMPStarted && !monHTMLStarted) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "No Monitoring interfaces started; monitoring disabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster agentStarted = true; // if all/enough has gone well
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return whether agent is "running" or not
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Monitoring implementations should not call this method directly, but
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * instead, they should call {@link MonitoringUtil#isRunning()}.
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna * Return the size of the policy window to configure.
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna * @return size of the number of policy samples to use as our history.
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna * Return the size of the session window to configure.
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna * @return size of the number of session samples to use as our history.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the authentication service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerAuthSvcImpl getAuthSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getAuthSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerConnPoolSvcImpl getConnPoolSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getConnPoolGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the session service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSessSvcImpl getSessSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getSessSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the logging service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerLoggingSvcImpl getLoggingSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getLoggingSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the policy service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerPolicySvcImpl getPolicySvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getPolicySvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the IdRepo service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerIdRepoSvcImpl getIdrepoSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getIdrepoSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the service service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSvcMgmtSvcImpl getSmSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getSmSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the SAML1 service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSAML1SvcImpl getSaml1SvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getSaml1SvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the SAML2 service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSAML2SvcImpl getSaml2SvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getSaml2SvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the IDFF service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerIDFFSvcImpl getIdffSvcMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getIdffSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the Topology mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerTopologyImpl getTopologyMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getTopologyGroup();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna public static SubtreeEvaluation getSubtreeEvaluationMBean() {
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna return forgerockPolicyMib == null ? null : forgerockPolicyMib.getSubtreeEvaluation();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna public static SubtreeTiming getSubtreeTimingMBean() {
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna return forgerockPolicyMib == null ? null : forgerockPolicyMib.getSubtreeTiming();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna public static SelfEvaluation getSelfEvaluationMBean() {
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna return forgerockPolicyMib == null ? null : forgerockPolicyMib.getSelfEvaluation();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna public static PolicyEvaluation getPrivilegeEvaluationMBean() {
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna return forgerockPolicyMib == null ? null : forgerockPolicyMib.getPolicyEvaluation();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna return forgerockPolicyMib == null ? null : forgerockPolicyMib.getSelfTiming();
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna public static InternalSessions getInternalSessionsMBean() {
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna return forgerockSessionMib == null ? null : forgerockSessionMib.getInternalSessions();
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna public static CtsSessions getCtsSessionsMBean() {
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna return forgerockSessionMib == null ? null : forgerockSessionMib.getCtsSessions();
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna public static RemoteSessions getRemoteSessionsMBean() {
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna return forgerockSessionMib == null ? null : forgerockSessionMib.getRemoteSessions();
87d68743726585ee101ba2e7be2cf06cd34ebb80Neil Madden public static StatelessSessions getStatelessSessionsMBean() {
87d68743726585ee101ba2e7be2cf06cd34ebb80Neil Madden return forgerockSessionMib == null ? null : forgerockSessionMib.getStatelessSessions();
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna * Return the pointer to the CTSMonitor mbean
dcaf67650b5323dbf22121c7bf12be9be903f8c5David Luna public static CtsMonitoring getCtsMonitoringMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return forgerockCtsMib == null ? null : forgerockCtsMib.getCtsMonitoringGroup();
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna * Return the pointer to the CtsConnectionFailureRate mbean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna public static CtsConnectionFailureRate getCtsConnectionFailureRateMBean() {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna return forgerockCtsMib == null ? null : forgerockCtsMib.getCtsConnectionFailureRate();
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna * Return the pointer to the CtsConnectionFailureRate mbean
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna public static CtsConnectionSuccessRate getCtsConnectionSuccessRateMBean() {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna return forgerockCtsMib == null ? null : forgerockCtsMib.getCtsConnectionSuccessRate();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the Server Instance mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerInstanceImpl getSvrInstanceMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getSvrInstanceGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the Fed COTs mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerFedCOTsImpl getFedCOTsMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getFedCotsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the Federation Entities mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerFedEntitiesImpl getFedEntsMBean() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getFedEntitiesGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return the pointer to the Entitlements Service mbean
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerEntitlementSvcImpl getEntitlementsGroup() {
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna return sunMib == null ? null : sunMib.getEntitlementsGroup();
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott public static Map<String, String> getSiteIdTable() {
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott public static Map<String, String> getServerIdTable() {
1d407e39b7d8f68d9a2b1e178f35fab037d9835aRobert Wapshott public static Map<String, String> getNamingTable() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static Map<String, String> getSiteToURLTable() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static Map<String, String> getURLToSiteTable() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * receive Set of site names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param sNames site name -> primary URL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param urlSites is opposite... primary URL -> site name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void siteNames (Map<String, String> sNames, Map<String, String> urlSites) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder("Site Names and URLs:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : sNames.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" siteName = ").append(entry.getKey()).
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(", primary URL = ").append(entry.getValue()).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the urlSites map (url => sitename), can do the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SsoServerSitesEntryImpl entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * where the key==value in siteIdTable is a site
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * where the key!=value, then do the sitemap entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : siteIdTable.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String escSiteName = getEscapedString(siteName);
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerTopologyImpl tg = sunMib.getTopologyGroup();
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerSitesEntryImpl ssse = new SsoServerSitesEntryImpl(sunMib);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "doing siteName " + siteName +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssse.createSsoServerSitesEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for siteName '" + siteName +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else { // is a server
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "invalid serverID (" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssse.createSsoServerSiteMapEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for server siteName '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ", mapid = " + siteId + ", siteName = " + siteName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + siteId + "/" + svrId, ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Agent.siteNames:\n Start Time = " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * receive ordered list of realms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static int realmsConfig (List<String> realmList) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * no realm "service", so have to create the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * realm table here.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna new StringBuilder("receiving list of realms (size = ");
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerInstanceImpl sig = sunMib.getSvrInstanceGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting realm table: ", ex);
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerRealmEntryImpl rei = new SsoServerRealmEntryImpl(sunMib);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rei.SsoServerRealmIndex = Integer.valueOf(i+1);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ObjectName oname = rei.createSsoServerRealmEntryObjectName(server);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "Error creating object for realm '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" realm #").append(i).append(" = ").append(ss).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * each realm gets a realm-to-index, index-to-realm,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * realm-to-DN and DN-to-realm map entry
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * could have used TableSsoServerRealmTable.getEntries(),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * but that's a little more complicated than just counting
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * entries as they're successfully added here.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "No realms processed successfully.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * create the Entitlements MBeans for this realm as specified by Ii.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the Network Monitors are not per-real. the set list is in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * MonitoringUtil.java (getNetworkMonitorNames()).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the Policy Stats are realm-based.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String[] nms = MonitoringUtil.getNetworkMonitorNames();
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerEntitlementSvc esi = sunMib.getEntitlementsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // now the realm-based policy stats
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerEntitlementPolicyStatsTable ptab =
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna esi.accessSsoServerEntitlementPolicyStatsTable();
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna new SsoServerEntitlementPolicyStatsEntryImpl(sunMib);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ssi.EntitlementPolicyStatsIndex = Integer.valueOf(i+1);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna createSsoServerEntitlementPolicyStatsEntryObjectName(
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Entitlements " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "on Entitlements Policy Stats '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "on Entitlements Policy Stats '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "getting Entitlements Policy Stats table: ", ex);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Entitlement NetworkMonitor list empty.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Agent.realmsConfig:\n Start Time = " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * process configuration for a realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static int realmConfigMonitoringAgent (SSOServerRealmInfo rlmInfo) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "Agent.realmConfigMonitoringAgent:";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, String> authMods = rlmInfo.authModules;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "could not find realm " + realm +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna " in realm2Index map");
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerAuthSvcImpl sig = sunMib.getAuthSvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting auth table: ", ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("receiving config info for realm = ").
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(realm).append(":\n Authentication Modules:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * auth module table entries have realm index, and auth module index
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, String> entry : authMods.entrySet()) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(", value(type) = ").append(modType).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aei.AuthModuleType = getEscapedString(modType);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerAuthModulesEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for auth module name '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* is a Map of realm/authmodule to index needed? */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // aei is this module's SsoServerAuthModulesEntryImpl instance
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // if no realm info added because mbean not created...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * process realm's Agents (only)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the HashMap of attributes/values:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * CLIConstants.ATTR_NAME_AGENT_TYPE
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * type is extracted from the set; can be:
2fe1e6ab330f5f88e97684012ff29cde7e61c9c4Dirk Hogan * J2EEAgent, 2.2_Agent
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * don't do "SharedAgent" (authenticators)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * J2EEAgent should have:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "com.sun.identity.client.notification.url"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "groupmembership"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * WebAgent should have:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "com.sun.identity.agents.config.agenturi.prefix"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "groupmembership"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * 2.2_Agent should have:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "groupmembership"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void configAgentsOnly (String realm, Map<String, Map<String, String>> agtAttrs) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "Agent.configAgentsOnly:";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((agtAttrs == null) || agtAttrs.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "got null attr map for realm " +
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerPolicyAgents sss = sunMib.getPolicyAgentsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerPolicy22AgentTable t22tab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerPolicyJ2EEAgentTable j2eetab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerPolicyWebAgentTable watab = null;
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerWSSAgents ssa = sunMib.getWssAgentsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsSTSAgentTable ststab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsWSPAgentTable wsptab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsWSCAgentTable wsctab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsDSCAgentTable dsctab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get the tables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster t22tab = sss.accessSsoServerPolicy22AgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster j2eetab = sss.accessSsoServerPolicyJ2EEAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster watab = sss.accessSsoServerPolicyWebAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ststab = ssa.accessSsoServerWSSAgentsSTSAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsptab = ssa.accessSsoServerWSSAgentsWSPAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsctab = ssa.accessSsoServerWSSAgentsWSCAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster dsctab = ssa.accessSsoServerWSSAgentsDSCAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting Agents tables: ", ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return; // can't do anything without the tables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ststab = ssa.accessSsoServerWSSAgentsSTSAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsptab = ssa.accessSsoServerWSSAgentsWSPAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsctab = ssa.accessSsoServerWSSAgentsWSCAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster dsctab = ssa.accessSsoServerWSSAgentsDSCAgentTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting WSS Agents tables: ", ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return; // can't do anything without the tables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("agents for realm ").append(realm).append(", # = ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the realm isn't in the table, there's not much point
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in doing the rest
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "didn't find index for realm " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, String>> entry : agtAttrs.entrySet()) {
80ca0b9f5ad61b2335af25d4dcf25a04ebfcbc91Peter Major String atype = hm.get(Constants.ATTR_NAME_AGENT_TYPE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // group and agent name can't have ":" in it, or jdmk gags
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna append(", membership = ").append(grpmem).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "com.sun.identity.agents.config.agenturi.prefix");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String lurl = hm.get("com.sun.identity.agents.config.login.url");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerPolicyWebAgentEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Policy WebAgent '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerPolicy22AgentEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Policy 2.2 Agent '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna hm.get("com.sun.identity.client.notification.url");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna hm.get("com.sun.identity.agents.config.login.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aei.PolicyJ2EEAgentIndex = new Integer(j2eei++);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerPolicyJ2EEAgentEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Policy J2EE Agent '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // SharedAgent type are agent authenticators
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "agent type = " + atype +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ", agent name = " + agtname + " not supported.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * process realm's Agent Groups
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the HashMap of attributes/values:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * CLIConstants.ATTR_NAME_AGENT_TYPE
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * type is extracted from the set; can be:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * don't do "SharedAgent" (authenticators)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * WebAgent should have:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "com.sun.identity.agents.config.agenturi.prefix"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * J2EEAgents should have:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "com.sun.identity.client.notification.url"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void configAgentGroups (String realm, Map<String, Map<String, String>> agtAttrs) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "Agent.configAgentGroups:";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((agtAttrs == null) || agtAttrs.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "got null attr map for realm " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * only doing the J2EEAgent and WebAgent Groups
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerPolicyAgents sss = sunMib.getPolicyAgentsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerPolicyJ2EEGroupTable j2eetab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerPolicyWebGroupTable wgtab = null;
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerWSSAgents ssa = sunMib.getWssAgentsGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsSTSAgtGrpTable ststab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsWSPAgtGrpTable wsptab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsWSCAgtGrpTable wsctab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerWSSAgentsDSCAgtGrpTable dsctab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster j2eetab = sss.accessSsoServerPolicyJ2EEGroupTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wgtab = sss.accessSsoServerPolicyWebGroupTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return; // can't do anything without the tables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ststab = ssa.accessSsoServerWSSAgentsSTSAgtGrpTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsptab = ssa.accessSsoServerWSSAgentsWSPAgtGrpTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster wsctab = ssa.accessSsoServerWSSAgentsWSCAgtGrpTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster dsctab = ssa.accessSsoServerWSSAgentsDSCAgtGrpTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return; // can't do anything without the tables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("agents for realm ").append(realm).append(", # = ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the realm isn't in the table, there's not much point
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in doing the rest
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "didn't find index for realm " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, String>> entry : agtAttrs.entrySet()) {
80ca0b9f5ad61b2335af25d4dcf25a04ebfcbc91Peter Major String atype = hm.get(Constants.ATTR_NAME_AGENT_TYPE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" agent group name = ").append(agtname).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster continue; // no table to put it into
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna hm.get("com.sun.identity.agents.config.login.url");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerPolicyWebGroupEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Policy Web Agent Group '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster continue; // no table to put it into
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna hm.get("com.sun.identity.agents.config.login.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aei.PolicyJ2EEGroupIndex = new Integer(j2eei++);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aei.createSsoServerPolicyJ2EEGroupEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Policy J2EE Agent Group '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + agtname + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "agent group type = " + atype +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ", agent group name = " + agtname + " not supported.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * process saml1.x trusted partners (global)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static int saml1TPConfig (List<String> s1TPInfo) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean skipSAML1EndPoints = true; // until instrumentation done
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("number of SAML1 Trusted Partners = ").append(sz).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (server == null) { // can't do anything without a server
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sstpe.SAML1TrustPrtnrName = getEscapedString(pName);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna (SsoServerSAML1SvcImpl) sunMib.getSaml1SvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster TableSsoServerSAML1TrustPrtnrsTable tptab = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster tptab = sss.accessSsoServerSAML1TrustPrtnrsTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return -2; // can't do anything without the table
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return -2; // can't do anything without the table
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna sstpe.createSsoServerSAML1TrustPrtnrsEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 Trusted Partner '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + pName + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + pName + ": " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * while we're here, setup the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SAML1 Cache table (Artifacts and Assertions)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SAML1 Endpoints for SOAPReceiver, POSTProfile,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // assertions
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna SsoServerSAML1SvcImpl sss = sunMib.getSaml1SvcGroup();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting SAML1 Cache table: ", ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (tptab != null) { // if sss is null, so will tptab
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssce.createSsoServerSAML1CacheEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 Assertion Cache");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 Assertion Cache table: " + ex.getMessage());
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 Assertion Cache table: " + ex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // artifacts
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aname = ssce.createSsoServerSAML1CacheEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 Artifact Cache");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "SAML1 Artifact Cache table: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "SAML1 Artifact Cache table: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // SOAPReceiver endpoint
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssee.SAML1EndPointName = "SOAPReceiver_EndPoint";
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna if (tetab != null) { // if sss is null, so will tetab
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssee.createSsoServerSAML1EndPointEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 SOAPReceiver_EndPoint");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 SOAPReceiver EndPoint table: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 SOAPReceiver EndPoint table: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna // POSTProfile table
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssee = new SsoServerSAML1EndPointEntryImpl(sunMib);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aname = ssee.createSsoServerSAML1EndPointEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 POSTProfile_EndPoint");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 POSTProfile EndPoint table: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 POSTProfile EndPoint table: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ssee = new SsoServerSAML1EndPointEntryImpl(sunMib);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna aname = ssee.createSsoServerSAML1EndPointEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML1 SAMLAware_EndPoint");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 SAMLAware/ArtifactProfile EndPoint table: " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SAML1 SAMLAware/ArtifactProfile EndPoint table: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } // if (!skipSAML1EndPoints)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Agent.saml1TPConfig:\n Start Time = " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static int federationConfig (SSOServerRealmFedInfo srfi)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "Agent.federationConfig:";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, Map<String, String>> saml2Ents = srfi.samlv2Ents;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, Map<String, String>> wsEnts = srfi.wsEnts;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, Map<String, String>> idffEnts = srfi.idffEnts;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, Map<String, Set<String>>> cotMembs = srfi.membEnts;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("fed entities for realm ").append(realm).append(":\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (server == null) { // can't do anything without a server
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna sb.append(" #").append(i).append(": ").append(ss).
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna cei.createSsoServerFedCOTsEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for Fed COT '" + ss + "'");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the federation entities all go into the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SsoServerFedEntitiesTable
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the SAML2 entities map:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * entity name -> hashmap of:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="location"; value="hosted" or "remote"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="roles"; value=some combo of IDP;SP
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((saml2Ents != null) && (saml2Ents.size() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SsoServerSAML2SvcImpl ss2s = getSaml2SvcMBean();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(saml2Ents.size()).append(" entries:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, String>> entry : saml2Ents.entrySet()) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna cei.createSsoServerFedEntitiesEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAML2 Entity '" +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "JMEx adding SAMLv2 entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SnmpEx adding SAMLv2 entity " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * these also need to be added to either (possibly
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * both if in both roles?) SAML2's IDP or SP table
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna sei.createSsoServerSAML2IDPEntryObjectName(server);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* is a Map of realm/saml2idp to index needed? */
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna // sei is this bean's instance
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "JMEx adding SAMLv2 IDP entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SnmpEx adding SAMLv2 IDP entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna sei.createSsoServerSAML2SPEntryObjectName(server);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* is a Map of realm/saml2sp to index needed? */
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna // sei is this bean's instance
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "JMEx adding SAMLv2 SP entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SnmpEx adding SAMLv2 SP entity " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the WSFed entities map:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * entity name -> hashmap of:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="location"; value="hosted" or "remote"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="roles"; value=some combo of IDP;SP
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(wsEnts.size()).append(" entries:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, String>> entry : wsEnts.entrySet()) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna cei.createSsoServerFedEntitiesEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for WSFed Entity '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "JMEx adding WSFed entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SnmpEx adding WSFed entity " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" name=").append(entname).append(", loc=").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the IDFF entities map:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * entity name -> hashmap of:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="location"; value="hosted" or "remote"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="roles"; value=some combo of IDP;SP
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((idffEnts != null) && (idffEnts.size() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(idffEnts.size()).append(" entries:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, String>> entry : idffEnts.entrySet()) {
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna cei.createSsoServerFedEntitiesEntryObjectName(server);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for IDFF Entity '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "JMEx adding IDFF entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "SnmpEx adding IDFF entity " +
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "FederationEntities table is null");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the COT members map:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * cot name -> hashmap of:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="SAML"; value=Set of member names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="IDFF"; value=Set of member names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * key="WSFed"; value=Set of member names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((cotMembs != null) && (cotMembs.size() > 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(cotMembs.size()).append(" entries:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster mtab = ssfc.accessSsoServerFedCOTMemberTable();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<String, Map<String, Set<String>>> entry : cotMembs.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map<String, Set<String>> hm = entry.getValue();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cmi.FedCOTIndex = cotI; // xxx - need to get from tbl
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for SAMLv2 COT Member '"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cmi.FedCOTIndex = cotI; // xxx - need to get from tbl
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for IDFF COT Member '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cmi.FedCOTIndex = cotI; // xxx - need to get from tbl
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error creating object for WSFed Member '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * have to do it here?
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DSConfigMgr dscm = DSConfigMgr.getDSConfigMgr();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Collection<Server> slist = sgrp.getServersList();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sbp1 = new StringBuilder("DSConfigMgr:\n");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "trying to get Directory Server Config");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Properties props = SystemProperties.getProperties();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sbp = new StringBuilder("SYSPROPS:\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Map.Entry<Object, Object> entry : props.entrySet()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sbp.append(" key = ").append(entname).append(", val = ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String dirHost = SystemProperties.get(Constants.AM_DIRECTORY_HOST);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String dirPort = SystemProperties.get(Constants.AM_DIRECTORY_PORT);
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna SystemProperties.get(Constants.AM_DIRECTORY_SSL_ENABLED);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean dirSSL = SystemProperties.getAsBoolean(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "SMS CONFIG:\n host = " + dirHost +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Agent.federationConfig:\n Start Time = " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static String getEscapedString (String str) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static String getRealmNameFromIndex (Integer index) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static String getEscRealmNameFromIndex (Integer index) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static Integer getRealmIndexFromName (String name) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static String getRealmNameFromDN(String rlmDN) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerAuthModulesEntryImpl getAuthModuleEntry (
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SSOServerInfo getAgentSvrInfo() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSAML2IDPEntryImpl getSAML2IDPEntry (
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SsoServerSAML2SPEntryImpl getSAML2SPEntry (
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void setSFOStatus (boolean sfoStatus) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster agentStarted = false; // so Agent.isRunning() is false
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Main entry point.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When calling the program, you can specify:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * 1) nb_traps: number of traps the SNMP agent will send.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If not specified, the agent will send traps continuously.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Parse the number of traps to be sent.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((args.length != 0) && (args.length != 1)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster List<MBeanServer> servers = MBeanServerFactory.findMBeanServer(null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server = MBeanServerFactory.createMBeanServer();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create and start the HTML adaptor.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ":class=HtmlAdaptorServer,protocol=html,port=" + htmlPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("Adding HTML adaptor to MBean server with name \n " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("NOTE: HTML adaptor is bound on TCP port " + htmlPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster HtmlAdaptorServer htmlAdaptor = new HtmlAdaptorServer(htmlPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server.registerMBean(htmlAdaptor, htmlObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // SNMP specific code:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create and start the SNMP adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Specify the port to use in the constructor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If you want to use the standard port (161) comment out the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // following line:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // snmpPort = 8085;
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna ":class=SnmpAdaptorServer,protocol=snmp,port=" + snmpPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("Adding SNMP adaptor to MBean server with name \n " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("NOTE: SNMP Adaptor is bound on UDP port " + snmpPort);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server.registerMBean(snmpAdaptor, snmpObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Send a coldStart SNMP Trap.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Use port = snmpPort+1.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna " to each destination defined in the ACL file...");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster snmpAdaptor.setTrapPort(new Integer(snmpPort+1));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create an RMI connector and start it
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "service:jmx:rmi:///jndi/rmi://localhost:9999/server");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Error starting RMI : execute rmiregistry 9999; ex="+ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create the MIB II (RFC 1213) and add it to the MBean server.
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna sunMibObjName = new ObjectName("snmp:class=SUN_OPENSSO_SERVER_MIB");
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna "Adding SUN_OPENSSO_SERVER_MIB-MIB to MBean server with name" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create an instance of the customized MIB
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SUN_OPENSSO_SERVER_MIB mib2 = new SUN_OPENSSO_SERVER_MIB();
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna forgerockCtsMibObjName = new ObjectName("snmp:class=FORGEROCK_OPENAM_CTS_MIB");
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna "Adding FORGEROCK_OPENAM_CTS_MIB-MIB to MBean server with name" +
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna forgerockPolicyMibObjName = new ObjectName("snmp:class=FORGEROCK_OPENAM_POLICY_MIB");
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna "Adding FORGEROCK_OPENAM_POLICY_MIB-MIB to MBean server with name" +
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna forgerockSessionMibObjName = new ObjectName("snmp:class=FORGEROCK_OPENAM_SESSION_MIB");
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna "Adding FORGEROCK_OPENAM_SESSION_MIB-MIB to MBean server with name" +
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna FORGEROCK_OPENAM_CTS_MIB mib3 = new FORGEROCK_OPENAM_CTS_MIB();
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna server.registerMBean(mib3, forgerockCtsMibObjName);
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna FORGEROCK_OPENAM_POLICY_MIB mib4 = new FORGEROCK_OPENAM_POLICY_MIB();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna server.registerMBean(mib4, forgerockPolicyMibObjName);
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna FORGEROCK_OPENAM_SESSION_MIB mib5 = new FORGEROCK_OPENAM_SESSION_MIB();
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna server.registerMBean(mib5, forgerockSessionMibObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Bind the SNMP adaptor to the MIB in order to make the MIB
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // accessible through the SNMP protocol adaptor.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If this step is not performed, the MIB will still live in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // the Java DMK agent:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // its objects will be addressable through HTML but not SNMP.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create a LinkTrapGenerator.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Specify the ifIndex to use in the object name.
7b8fd79c6177846da551bb2cd5e1579b7c650a3cDavid Luna trapGeneratorObjName = new ObjectName("trapGenerator" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("Adding LinkTrapGenerator to MBean server with name" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster LinkTrapGenerator trapGenerator = new LinkTrapGenerator(nbTraps);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster server.registerMBean(trapGenerator, trapGeneratorObjName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println("\n>> Press <Enter> if you want to start sending traps.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster println(">> Press <Ctrl-C> if you want to stop this agent.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return a reference to the SNMP adaptor server.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static SnmpAdaptorServer getSnmpAdaptor() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return usage of the program.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "number of traps the SNMP agent will send.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "If not specified, the agent will send traps continuously.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private final static void println(String msg) {