karaf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ff...@apache.org
Subject git commit: [KARAF-3024]RBAC - Support wildcard in jmx.acl.....cfg filename
Date Fri, 06 Jun 2014 04:00:49 GMT
Repository: karaf
Updated Branches:
  refs/heads/karaf-2.x 5e9b1c563 -> 397477b9d


[KARAF-3024]RBAC - Support wildcard in jmx.acl.....cfg filename


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/397477b9
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/397477b9
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/397477b9

Branch: refs/heads/karaf-2.x
Commit: 397477b9d237c788ce832ead3f8fc0a6ed4d1451
Parents: 5e9b1c5
Author: Freeman Fang <freeman.fang@gmail.com>
Authored: Fri Jun 6 11:59:22 2014 +0800
Committer: Freeman Fang <freeman.fang@gmail.com>
Committed: Fri Jun 6 11:59:22 2014 +0800

----------------------------------------------------------------------
 .../karaf/management/KarafMBeanServerGuard.java | 37 ++++++++++++++++++--
 1 file changed, 34 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/397477b9/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
----------------------------------------------------------------------
diff --git a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
index 83140ba..15013f6 100644
--- a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
+++ b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
@@ -27,6 +27,8 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.List;
+import java.util.StringTokenizer;
+import java.util.regex.Pattern;
 
 import javax.management.Attribute;
 import javax.management.AttributeList;
@@ -53,6 +55,8 @@ public class KarafMBeanServerGuard implements InvocationHandler {
     private static final String JMX_ACL_WHITELIST = "jmx.acl.whitelist";
     
     private static final String ROLE_WILDCARD = "*";
+    
+    private static final String JMX_OBJECTNAME_PROPERTY_WILDCARD = "_";
 
     private ConfigurationAdmin configAdmin;
 
@@ -292,8 +296,9 @@ public class KarafMBeanServerGuard implements InvocationHandler {
         }
 
         for (String pid : iterateDownPids(getNameSegments(objectName))) {
-            if (allPids.contains(pid)) {
-                Configuration config = configAdmin.getConfiguration(pid);
+            String generalPid = getGeneralPid(allPids, pid);
+            if (generalPid.length() > 0) {
+                Configuration config = configAdmin.getConfiguration(generalPid);
                 List<String> roles = new ArrayList<String>();
                 ACLConfigurationParser.Specificity s = ACLConfigurationParser.getRolesForInvocation(methodName,
params, signature, config.getProperties(), roles);
                 if (s != ACLConfigurationParser.Specificity.NO_MATCH) {
@@ -303,7 +308,33 @@ public class KarafMBeanServerGuard implements InvocationHandler {
         }
         return Collections.emptyList();
     }
-
+    
+    private String getGeneralPid(List<String> allPids, String pid) {
+        String ret = "";
+        String[] pidStrArray = pid.split(Pattern.quote("."));
+        for (String id : allPids) {
+            String[] idStrArray = id.split(Pattern.quote("."));
+            if (idStrArray.length == pidStrArray.length) {
+                boolean match = true;
+                for (int i = 0; i < idStrArray.length; i++) {
+                    if (idStrArray[i].equals(JMX_OBJECTNAME_PROPERTY_WILDCARD) 
+                        || idStrArray[i].equals(pidStrArray[i])) {
+                        continue;
+                    } else {
+                        match = false;
+                        break;
+                    }
+                }
+                if (match) {
+                    ret = id;
+                    return ret;
+                }
+            }
+        }
+        
+        return ret;
+    }
+    
     private List<String> getNameSegments(ObjectName objectName) {
         List<String> segments = new ArrayList<String>();
         segments.add(objectName.getDomain());


Mime
View raw message