4823N/A * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class initializes and starts the RMIConnectorServer for JSR 163 0N/A * Default values for JMX configuration properties. 0N/A * Names of JMX configuration properties. 0N/A "com.sun.management.jmxremote.port";
4823N/A "com.sun.management.jmxremote.rmi.port";
671N/A "com.sun.management.jmxremote.local.only";
0N/A "com.sun.management.jmxremote.ssl";
0N/A "com.sun.management.jmxremote.registry.ssl";
0N/A "com.sun.management.jmxremote.authenticate";
0N/A "com.sun.management.jmxremote.password.file";
0N/A "com.sun.management.jmxremote.access.file";
0N/A "com.sun.management.jmxremote.ssl.enabled.cipher.suites";
0N/A "com.sun.management.jmxremote.ssl.enabled.protocols";
0N/A "com.sun.management.jmxremote.ssl.need.client.auth";
29N/A * JMXConnectorServer associated data. 0N/A * <p>Prevents our RMI server objects from keeping the JVM alive.</p> 0N/A * <p>We use a private interface in Sun's JMX Remote API implementation 0N/A * that allows us to specify how to export RMI objects. We do so using 0N/A * UnicastServerRef, a class in Sun's RMI implementation. This is all 0N/A * non-portable, of course, so this is only valid because we are inside 0N/A * <p>Objects are exported using {@link 0N/A * UnicastServerRef#exportObject(Remote, Object, boolean)}. The 0N/A * boolean parameter is called <code>permanent</code> and means 0N/A * both that the object is not eligible for Distributed Garbage 0N/A * Collection, and that its continued existence will not prevent 0N/A * the JVM from exiting. It is the latter semantics we want (we 0N/A * already have the former because of the way the JMX Remote API 0N/A * works). Hence the somewhat misleading name of this class.</p> 0N/A synchronized (
this) {
0N/A // Nothing special to be done for this case 0N/A * This JMXAuthenticator wraps the JMXPluggableAuthenticator and verifies 0N/A * that at least one of the principal names contained in the authenticated 0N/A * Subject is present in the access file. 0N/A "Access denied! No matching entries found in " +
0N/A "authenticated Subject is null");
0N/A "Access denied! No entries found in the access file [" +
4823N/A // The variable below is here to support stop functionality 4823N/A // It would be overriten if you call startRemoteCommectionServer second 4823N/A // Remove the entry from registry 4823N/A // This exception can appears only if we attempt 4823N/A // to unexportRegistry second time. So it's safe 4823N/A // to ignore it without additional messages. 4823N/A * Initializes and starts the JMX Connector Server. 4823N/A * If the com.sun.management.jmxremote.port property is not defined, 4823N/A * simply return. Otherwise, attempts to load the config file, and 4823N/A * then calls {@link #startRemoteConnectorServer 4823N/A * This method is used by some jtreg tests. 4823N/A // Load a new management properties 4823N/A * This method is used by some jtreg tests. 4823N/A * @see #startRemoteConnectorServer 4823N/A * (String portStr, Properties props) 0N/A * Initializes and starts a JMX Connector Server for remote 0N/A * monitoring and management. 4823N/A // User can specify a port to be used to export rmi object, 4823N/A // in order to simplify firewall rules 4823N/A // if port is not specified random one will be allocated. 0N/A // Do we use authentication? 0N/A // Do we use RMI Registry SSL? 0N/A // Read SSL config file name 0N/A // Initialize settings when authentication is active 0N/A // Get non-default login configuration 0N/A // Get password file 29N/A // Export remote connector address and associated configuration 29N/A // properties to the instrumentation buffer. 29N/A // Remote connector server started but unable to export remote 29N/A // connector address and associated configuration properties to 29N/A // the instrumentation buffer - non-fatal error. 0N/A * Creates and starts a RMI Connector Server for "local" monitoring 0N/A // Ensure cryptographically strong random number generater used 0N/A // to choose the object number - see java.rmi.server.ObjID 0N/A // This RMI server should not keep the VM alive 0N/A // The local connector server need only be available via the 0N/A // loopback connection. 0N/A // localhost unknown or (somehow) didn't resolve to 0N/A // a loopback address. 671N/A // Do we accept connections from local interfaces only? 4823N/A "jmxremote.ConnectorBootstrap.file.readonly",
0N/A * Compute the full path name for a default file. 0N/A * @param basename basename (with extension) of the default file. 0N/A // Load the SSL keystore properties from the config file 0N/A /* Make sure we use non-guessable RMI object IDs. Otherwise 0N/A * attackers could hijack open connections by guessing their 0N/A /* Our exporter remembers the first object it was asked to 29N/A export, which will be an RMIServerImpl appropriate for 29N/A publication in our special registry. We could 29N/A alternatively have constructed the RMIServerImpl explicitly 29N/A and then constructed an RMIConnectorServer passing it as a 29N/A parameter, but that's quite a bit more verbose and pulls in 29N/A lots of knowledge of the RMI connector. */ 0N/A * This class cannot be instantiated.