From ashishj...@apache.org
Subject svn commit: r938358 - in /geronimo/server/branches/2.2: framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/ framework/configs/jmx-security/ framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/ framework/module...
Date Tue, 27 Apr 2010 08:34:57 GMT
Author: ashishjain
Date: Tue Apr 27 08:34:57 2010
New Revision: 938358

URL: http://svn.apache.org/viewvc?rev=938358&view=rev
Log:
GERONIMO-5148 Remove the dependency of clustering over JMXConnector

Modified:
    geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.bat
    geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.sh
    geronimo/server/branches/2.2/framework/configs/jmx-security/pom.xml
    geronimo/server/branches/2.2/framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/DaemonCLParser.java
    geronimo/server/branches/2.2/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/main/EmbeddedDaemon.java
    geronimo/server/branches/2.2/plugins/clustering/clustering/src/main/plan/plan.xml

Modified: geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.bat
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.bat?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.bat
(original)
+++ geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.bat
Tue Apr 27 08:34:57 2010
@@ -242,6 +242,7 @@ echo   -v   --verbose     INFO log level
 echo   -vv  --veryverbose DEBUG log level
 echo        --override    Override configurations. USE WITH CAUTION!
 echo        --help        Detailed help.
+echo   -s   --secure      Enable Geronimo for 2 way secure JMX communication.
 echo.
 echo args for stop command:
 echo        --user        Admin user
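Review bot: The new help line promises "2 way secure JMX communication", but the connector added in jmx-security/pom.xml in this same commit sets `clientAuth` to `false`, so no client certificate is requested and the TLS authentication is one-way. The same wording is added to geronimo.sh, while `addSecure()` in DaemonCLParser describes the flag differently again ("Use secure channel to communicate with the server"). I would use one accurate description in all three places, for example `echo   -s   --secure      Set the javax.net.ssl key/trust store properties for the secure JMX connector.`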

Modified: geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.sh
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.sh?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.sh
(original)
+++ geronimo/server/branches/2.2/framework/configs/geronimo-boilerplate/src/main/underlay/contents/bin/geronimo.sh
Tue Apr 27 08:34:57 2010
@@ -394,6 +394,7 @@ else
   echo "  -vv  --veryverbose DEBUG log level"
   echo "       --override    Override configurations. USE WITH CAUTION!"
   echo "       --help        Detailed help."
+  echo "  -s   --secure      Enable Geronimo for 2 way secure JMX communication."
   echo ""
   echo "args for stop command:"
   echo "       --user        Admin user"

Modified: geronimo/server/branches/2.2/framework/configs/jmx-security/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/framework/configs/jmx-security/pom.xml?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/framework/configs/jmx-security/pom.xml (original)
+++ geronimo/server/branches/2.2/framework/configs/jmx-security/pom.xml Tue Apr 27 08:34:57
2010
@@ -70,6 +70,12 @@
                                     <attribute name="host">#{ServerHostname}</attribute>
                                     <attribute name="port">#{JMXSecurePort + PortOffset}</attribute>
                                     <attribute name="urlPath">/jndi/rmi://#{ServerHostname}:#{NamingPort
+ PortOffset}/JMXSecureConnector</attribute>
+                                    <attribute name="algorithm">Default</attribute>
+                                    <attribute name="secureProtocol">TLS</attribute>
+                                    <attribute name="keyStore">geronimo-default</attribute>
+                                    <attribute name="keyAlias">geronimo</attribute>
+                                    <attribute name="trustStore">geronimo-default</attribute>
+                                    <attribute name="clientAuth">false</attribute>
                                 </gbean>
                             </config-xml-content>
                             <config-substitution key="JMXSecurePort">9998</config-substitution>
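Review bot: With `clientAuth` set to `false`, the secure connector authenticates only the server side of the TLS session, so callers are identified by whatever JMX login the connector applies, not by a certificate. Both `keyStore` and `trustStore` point at `geronimo-default`; if that is the keystore shipped with the distribution (not visible in this hunk), every installation presents the same key until an administrator replaces it. I would add an XML comment above these attributes saying that `geronimo-default` is a placeholder to be replaced per deployment and that `clientAuth` must be `true` for mutual TLS. The `<gbean>` element opens outside the hunk.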

Modified: geronimo/server/branches/2.2/framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/DaemonCLParser.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/DaemonCLParser.java?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/DaemonCLParser.java
(original)
+++ geronimo/server/branches/2.2/framework/modules/geronimo-cli/src/main/java/org/apache/geronimo/cli/daemon/DaemonCLParser.java
Tue Apr 27 08:34:57 2010
@@ -38,12 +38,19 @@ public class DaemonCLParser extends Base
     private final static String ARGUMENT_MODULE_OVERRIDE_SHORTFORM = "o";
     private final static String ARGUMENT_MODULE_OVERRIDE = "override";
     
+    private final static String ARGUMENT_SECURE_SHORTFORM="s";
+    private final static String ARGUMENT_SECURE="secure";
     public DaemonCLParser(OutputStream out) {
         super(out);
         addProgressOptions();
         addOverride();
+        addSecure();
     }
 
+    public boolean isSecure()
+    {
+        return commandLine.hasOption(ARGUMENT_SECURE_SHORTFORM);
+    }
     public boolean isNoProgress() {
         return commandLine.hasOption(ARGUMENT_NO_PROGRESS_SHORTFORM);
     }
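Review bot: `isSecure()` is a new public method with no Javadoc, and its brace placement differs from `isNoProgress()` directly below it. The two new constants are also written without spaces around `=`, unlike the `ARGUMENT_MODULE_OVERRIDE` pair above. I would write `/** Returns true when -s/--secure was given; EmbeddedDaemon then sets the javax.net.ssl.* store properties. */` followed by `public boolean isSecure() {`, and `ARGUMENT_SECURE_SHORTFORM = "s";`.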
@@ -79,6 +86,12 @@ public class DaemonCLParser extends Base
         Option option = optionBuilder.create(ARGUMENT_MODULE_OVERRIDE_SHORTFORM);
         options.addOption(option);
     }
+    protected void addSecure() {
+        options.addOption(ARGUMENT_SECURE_SHORTFORM,
+                ARGUMENT_SECURE,
+                false,
+                "Use secure channel to communicate with the server.  Unsecured channel is
used by default.");
+    }
 
     protected void addProgressOptions() {
         OptionGroup optionGroup = new OptionGroup();

Modified: geronimo/server/branches/2.2/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/main/EmbeddedDaemon.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/main/EmbeddedDaemon.java?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/main/EmbeddedDaemon.java
(original)
+++ geronimo/server/branches/2.2/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/main/EmbeddedDaemon.java
Tue Apr 27 08:34:57 2010
@@ -18,14 +18,17 @@
 package org.apache.geronimo.system.main;
 
 import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.LinkedHashSet;
 import java.util.List;
+import java.util.Properties;
 import java.util.Set;
 
 import org.apache.geronimo.cli.daemon.DaemonCLParser;
 import org.apache.geronimo.common.GeronimoEnvironment;
+import org.apache.geronimo.crypto.EncryptionManager;
 import org.apache.geronimo.gbean.AbstractName;
 import org.apache.geronimo.gbean.AbstractNameQuery;
 import org.apache.geronimo.gbean.GBeanInfo;
@@ -53,6 +56,11 @@ public class EmbeddedDaemon implements M
     private StartupMonitor monitor;
     private LifecycleMonitor lifecycleMonitor;
     private List<Artifact> configs = new ArrayList<Artifact>();
+    static String KEYSTORE_TRUSTSTORE_PASSWORD_FILE = "org.apache.geronimo.keyStoreTrustStorePasswordFile";
+    static String DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION = "/var/security/keystores/geronimo-default";
+    static String GERONIMO_HOME = "org.apache.geronimo.home.dir";
+    static String DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE = System.getProperty(GERONIMO_HOME)
+            + "/var/config/config-substitutions.properties";
 
     public EmbeddedDaemon(Kernel kernel) {
         this.kernel = kernel;
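Review bot: The four new fields are declared `static String` with no `final` and no access modifier, so any class in the package can reassign the property name or the keystore and password-file paths that `initializeSecure` later trusts. `DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE` is also computed once at class initialisation, so if `org.apache.geronimo.home.dir` is not set at that moment the value becomes the literal `null/var/config/config-substitutions.properties`. I would declare each as `private static final String` and resolve the home directory inside `initializeSecure`, where a missing value can be reported. The class body continues outside the hunk.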
@@ -65,6 +73,7 @@ public class EmbeddedDaemon implements M
         DaemonCLParser parser = (DaemonCLParser) opaque;
         initializeMonitor(parser);
         initializeOverride(parser);
+        initializeSecure(parser);
 
         long start = System.currentTimeMillis();
 
@@ -78,6 +87,40 @@ public class EmbeddedDaemon implements M
         return doStartup();
     }
 
+    protected void initializeSecure(DaemonCLParser parser)
+    {
+        if(parser.isSecure()){
+            try {
+                Properties props = new Properties();
+
+                String keyStorePassword = null;
+                String trustStorePassword = null;
+
+                FileInputStream fstream = new FileInputStream(System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE,
+                        DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
+                props.load(fstream);
+
+                keyStorePassword = (String) EncryptionManager.decrypt(props.getProperty("keyStorePassword"));
+                trustStorePassword = (String) EncryptionManager.decrypt(props.getProperty("trustStorePassword"));
+
+                fstream.close();
+
+                String value = System.getProperty("javax.net.ssl.keyStore", System.getProperty(GERONIMO_HOME)
+                        + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
+                String value1 = System.getProperty("javax.net.ssl.trustStore", System.getProperty(GERONIMO_HOME)
+                        + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
+                System.setProperty("javax.net.ssl.keyStore", value);
+                System.setProperty("javax.net.ssl.trustStore", value1);
+                System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
+                System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
+            } 
+
+            catch(IOException e)
+            {
+                e.printStackTrace();
+            }
+        }
+    }
     protected void initializeOverride(DaemonCLParser parser) {
         String[] override = parser.getOverride();
         if (null != override) {
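Review bot: In `initializeSecure` a failure to read the password file is only printed with `e.printStackTrace()`, so a server started with `--secure` carries on booting without any of the `javax.net.ssl.*` properties set. The stream is also left open if `props.load` or `decrypt` throws. If either property is absent from the file, `System.setProperty` is reached with a null value and throws `NullPointerException`, unless `decrypt` rejects the null first. Separately, putting the decrypted passwords into system properties makes them readable by all code in the JVM and by anything that dumps properties, which deserves a comment. The rewrite below closes the stream in `finally` and stops startup when the secure settings cannot be loaded.

```java
    protected void initializeSecure(DaemonCLParser parser) {
        if (!parser.isSecure()) {
            return;
        }
        String passwordFile = System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE,
                DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE);
        Properties props = new Properties();
        try {
            FileInputStream fstream = new FileInputStream(passwordFile);
            try {
                props.load(fstream);
            } finally {
                fstream.close();
            }
        } catch (IOException e) {
            // --secure was requested: do not continue without the TLS settings
            throw new IllegalStateException("Cannot read " + passwordFile, e);
        }
        String rawKeyStorePassword = props.getProperty("keyStorePassword");
        String rawTrustStorePassword = props.getProperty("trustStorePassword");
        if (rawKeyStorePassword == null || rawTrustStorePassword == null) {
            throw new IllegalStateException(
                    "keyStorePassword/trustStorePassword missing in " + passwordFile);
        }
        // … unchanged: decrypt both values and set the four javax.net.ssl.* properties …
    }
```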

Modified: geronimo/server/branches/2.2/plugins/clustering/clustering/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/plugins/clustering/clustering/src/main/plan/plan.xml?rev=938358&r1=938357&r2=938358&view=diff
==============================================================================
--- geronimo/server/branches/2.2/plugins/clustering/clustering/src/main/plan/plan.xml (original)
+++ geronimo/server/branches/2.2/plugins/clustering/clustering/src/main/plan/plan.xml Tue
Apr 27 08:34:57 2010
@@ -22,9 +22,14 @@
 
     <gbean name="Node" class="org.apache.geronimo.clustering.BasicLocalNode">
         <attribute name="nodeName">${PlanNodeName}</attribute>
-        <reference name="JMXConnector">
-            <name>JMXService</name>
-        </reference>
+        <references name="JMXConnector">
+            <pattern>
+                <name>JMXService</name>
+            </pattern>
+            <pattern>
+                <name>JMXSecureConnector</name>
+            </pattern>
+        </references>
     </gbean>
 
 </module>
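Review bot: Nothing in this hunk says which connector the `Node` gbean uses when both `JMXService` and `JMXSecureConnector` are running, so a cluster started with `--secure` may still reach nodes over the plain connector. `BasicLocalNode` is not among the files modified in this commit, so it presumably already accepts a collection for `JMXConnector`; that is worth confirming. I would add an XML comment above `<references name="JMXConnector">` stating the selection rule and whether the secure connector is preferred when present.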


