karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Tran <dant...@gmail.com>
Subject Re: svn commit: r1476704 - in /karaf/branches/karaf-2.x: assemblies/apache-karaf/src/main/distribution/text/etc/ management/server/src/main/java/org/apache/karaf/management/ management/server/src/main/resources/OSGI-INF/blueprint/ management/server/src/mai...
Date Sun, 28 Apr 2013 06:34:02 GMT
you can relate them to together and close both when you are done.

thanks

-D


On Sat, Apr 27, 2013 at 9:50 PM, Freeman Fang <freeman.fang@gmail.com>wrote:

> Hi,
>
> Yeah, if you specify both rmiRegistryHost and rmiServerHost as
> 127.0.0.1(localhost), then this can prevent remote jmx access.
> -------------
> Freeman(Yue) Fang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Web: http://fusesource.com | http://www.redhat.com/
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> http://blog.sina.com.cn/u/1473905042
> weibo: @Freeman小屋
>
> On 2013-4-28, at 下午12:08, Dan Tran wrote:
>
> > is this related to https://issues.apache.org/jira/browse/KARAF-2137 ??
> >
> > Thanks
> >
> > -D
> >
> >
> > On Sat, Apr 27, 2013 at 7:27 PM, Freeman Fang <freeman.fang@gmail.com
> >wrote:
> >
> >> It's backward compatible for the early karaf 2.3.x, but the karaf 2.2.x
> >> default org.apache.karaf.management.cfg should also work.
> >> -------------
> >> Freeman(Yue) Fang
> >>
> >> Red Hat, Inc.
> >> FuseSource is now part of Red Hat
> >> Web: http://fusesource.com | http://www.redhat.com/
> >> Twitter: freemanfang
> >> Blog: http://freemanfang.blogspot.com
> >> http://blog.sina.com.cn/u/1473905042
> >> weibo: @Freeman小屋
> >>
> >> On 2013-4-28, at 上午10:22, Dan Tran wrote:
> >>
> >>> Oops, sorry this does not apply to 2.2.x
> >>>
> >>> -D
> >>>
> >>> On Saturday, April 27, 2013, Dan Tran wrote:
> >>>
> >>>> is this backward compatible with existing karaf 2.2.x
> >>>> org.apache.karaf.managment.cfg file?
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> On Sat, Apr 27, 2013 at 6:44 PM, <ffang@apache.org <javascript:_e({},
> >>>> 'cvml', 'ffang@apache.org');>> wrote:
> >>>>
> >>>>> Author: ffang
> >>>>> Date: Sun Apr 28 01:44:25 2013
> >>>>> New Revision: 1476704
> >>>>>
> >>>>> URL: http://svn.apache.org/r1476704
> >>>>> Log:
> >>>>> [KARAF-2291]make rmiServerHost configurable
> >>>>>
> >>>>> Modified:
> >>>>>
> >>>>>
> >>
> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
> >>>>>
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
> >>>>>
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
> >>>>>
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
> >>>>>
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
> >>>>>
> >>>>> Modified:
> >>>>>
> >>
> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
> >>>>> URL:
> >>>>>
> >>
> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg?rev=1476704&r1=1476703&r2=1476704&view=diff
> >>>>>
> >>>>>
> >>
> ==============================================================================
> >>>>> ---
> >>>>>
> >>
> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
> >>>>> (original)
> >>>>> +++
> >>>>>
> >>
> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
> >>>>> Sun Apr 28 01:44:25 2013
> >>>>> @@ -36,6 +36,8 @@ rmiRegistryHost = 0.0.0.0
> >>>>> #
> >>>>> rmiServerPort = 44444
> >>>>>
> >>>>> +rmiServerHost = 0.0.0.0
> >>>>> +
> >>>>> #
> >>>>> # Name of the JAAS realm used for authentication
> >>>>> #
> >>>>> @@ -44,7 +46,7 @@ jmxRealm = karaf
> >>>>> #
> >>>>> # The service URL for the JMXConnectorServer
> >>>>> #
> >>>>> -serviceUrl = service:jmx:rmi://0.0.0.0:
> >>>>>
> >>
> ${rmiServerPort}/jndi/rmi://${rmiRegistryHost}:${rmiRegistryPort}/karaf-${
> >>>>> karaf.name}
> >>>>> +serviceUrl =
> >>>>>
> >>
> service:jmx:rmi://${rmiServerHost}:${rmiServerPort}/jndi/rmi://${rmiRegistryHost}:${rmiRegistryPort}/karaf-${
> >>>>> karaf.name}
> >>>>>
> >>>>> #
> >>>>> # Whether any threads started for the JMXConnectorServer should
be
> >>>>> started as daemon threads
> >>>>>
> >>>>> Modified:
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
> >>>>> URL:
> >>>>>
> >>
> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java?rev=1476704&r1=1476703&r2=1476704&view=diff
> >>>>>
> >>>>>
> >>
> ==============================================================================
> >>>>> ---
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
> >>>>> (original)
> >>>>> +++
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
> >>>>> Sun Apr 28 01:44:25 2013
> >>>>> @@ -20,6 +20,7 @@ import org.apache.karaf.jaas.config.Keys
> >>>>>
> >>>>> import java.io.IOException;
> >>>>> import java.net.BindException;
> >>>>> +import java.net.InetAddress;
> >>>>> import java.net.ServerSocket;
> >>>>> import java.rmi.server.RMIClientSocketFactory;
> >>>>> import java.rmi.server.RMIServerSocketFactory;
> >>>>> @@ -33,6 +34,7 @@ import javax.management.remote.JMXConnec
> >>>>> import javax.management.remote.JMXConnectorServerFactory;
> >>>>> import javax.management.remote.JMXServiceURL;
> >>>>> import javax.management.remote.rmi.RMIConnectorServer;
> >>>>> +import javax.net.ServerSocketFactory;
> >>>>> import javax.net.ssl.KeyManagerFactory;
> >>>>> import javax.net.ssl.SSLServerSocket;
> >>>>> import javax.net.ssl.SSLServerSocketFactory;
> >>>>> @@ -44,6 +46,7 @@ public class ConnectorServerFactory {
> >>>>>
> >>>>>    private MBeanServer server;
> >>>>>    private String serviceUrl;
> >>>>> +    private String rmiServerHost;
> >>>>>    private Map environment;
> >>>>>    private ObjectName objectName;
> >>>>>    private boolean threaded = false;
> >>>>> @@ -201,11 +204,12 @@ public class ConnectorServerFactory {
> >>>>>    }
> >>>>>
> >>>>>    public void init() throws Exception {
> >>>>> +        System.out.println("the serviceUrl is " + serviceUrl);
> >>>>>        if (this.server == null) {
> >>>>>            throw new IllegalArgumentException("server must be set");
> >>>>>        }
> >>>>>        JMXServiceURL url = new JMXServiceURL(this.serviceUrl);
> >>>>> -
> >>>>> +        setupKarafRMIServerSocketFactory();
> >>>>>        if (isClientAuth()) {
> >>>>>            this.secured = true;
> >>>>>        }
> >>>>> @@ -280,7 +284,7 @@ public class ConnectorServerFactory {
> >>>>>
> >>>>>    private void setupSsl() throws GeneralSecurityException {
> >>>>>        SSLServerSocketFactory sslServerSocketFactory =
> >>>>> keystoreManager.createSSLServerFactory(null, secureProtocol,
> algorithm,
> >>>>> keyStore, keyAlias, trustStore, keyStoreAvailabilityTimeout);
> >>>>> -        RMIServerSocketFactory rmiServerSocketFactory = new
> >>>>> KarafSslRMIServerSocketFactory(sslServerSocketFactory,
> >> this.isClientAuth());
> >>>>> +        RMIServerSocketFactory rmiServerSocketFactory = new
> >>>>> KarafSslRMIServerSocketFactory(sslServerSocketFactory,
> >> this.isClientAuth(),
> >>>>> getRmiServerHost());
> >>>>>        RMIClientSocketFactory rmiClientSocketFactory = new
> >>>>> SslRMIClientSocketFactory();
> >>>>>
> >>>>>
> environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
> >>>>> rmiServerSocketFactory);
> >>>>>
> >>>>>
> environment.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
> >>>>> rmiClientSocketFactory);
> >>>>> @@ -288,20 +292,54 @@ public class ConnectorServerFactory {
> >>>>>        // environment.put("com.sun.jndi.rmi.factory.socket",
> >>>>> rmiClientSocketFactory);
> >>>>>    }
> >>>>>
> >>>>> +    private void setupKarafRMIServerSocketFactory() {
> >>>>> +        RMIServerSocketFactory rmiServerSocketFactory = new
> >>>>> KarafRMIServerSocketFactory(getRmiServerHost());
> >>>>> +
> >>>>>
> environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
> >>>>> rmiServerSocketFactory);
> >>>>> +    }
> >>>>> +
> >>>>> +    public String getRmiServerHost() {
> >>>>> +        return rmiServerHost;
> >>>>> +    }
> >>>>> +
> >>>>> +    public void setRmiServerHost(String rmiServerHost) {
> >>>>> +        this.rmiServerHost = rmiServerHost;
> >>>>> +    }
> >>>>> +
> >>>>>    private static class KarafSslRMIServerSocketFactory implements
> >>>>> RMIServerSocketFactory {
> >>>>>        private SSLServerSocketFactory sslServerSocketFactory;
> >>>>>        private boolean clientAuth;
> >>>>> +        private String rmiServerHost;
> >>>>>
> >>>>> -        public KarafSslRMIServerSocketFactory(SSLServerSocketFactory
> >>>>> sslServerSocketFactory, boolean clientAuth) {
> >>>>> +        public KarafSslRMIServerSocketFactory(SSLServerSocketFactory
> >>>>> sslServerSocketFactory, boolean clientAuth, String rmiServerHost)
{
> >>>>>            this.sslServerSocketFactory = sslServerSocketFactory;
> >>>>>            this.clientAuth = clientAuth;
> >>>>> +            this.rmiServerHost = rmiServerHost;
> >>>>>        }
> >>>>>
> >>>>>        public ServerSocket createServerSocket(int port) throws
> >>>>> IOException {
> >>>>> -            SSLServerSocket sslServerSocket = (SSLServerSocket)
> >>>>> sslServerSocketFactory.createServerSocket(port);
> >>>>> +            System.out.println(rmiServerHost);
> >>>>> +
>  System.out.println(InetAddress.getByName(rmiServerHost));
> >>>>> +            SSLServerSocket sslServerSocket = (SSLServerSocket)
> >>>>> sslServerSocketFactory.createServerSocket(port, 50,
> >>>>> InetAddress.getByName(rmiServerHost));
> >>>>>            sslServerSocket.setNeedClientAuth(clientAuth);
> >>>>> +            System.out.println(sslServerSocket);
> >>>>>            return sslServerSocket;
> >>>>>        }
> >>>>>    }
> >>>>> +
> >>>>> +    private static class KarafRMIServerSocketFactory implements
> >>>>> RMIServerSocketFactory {
> >>>>> +        private String rmiServerHost;
> >>>>> +
> >>>>> +        public KarafRMIServerSocketFactory(String rmiServerHost)
{
> >>>>> +            this.rmiServerHost = rmiServerHost;
> >>>>> +        }
> >>>>> +
> >>>>> +        public ServerSocket createServerSocket(int port) throws
> >>>>> IOException {
> >>>>> +            System.out.println(rmiServerHost);
> >>>>> +
>  System.out.println(InetAddress.getByName(rmiServerHost));
> >>>>> +            ServerSocket serverSocket = (ServerSocket)
> >>>>> ServerSocketFactory.getDefault().createServerSocket(port, 50,
> >>>>> InetAddress.getByName(rmiServerHost));
> >>>>> +            System.out.println(serverSocket);
> >>>>> +            return serverSocket;
> >>>>> +        }
> >>>>> +    }
> >>>>>
> >>>>> }
> >>>>>
> >>>>> Modified:
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
> >>>>> URL:
> >>>>>
> >>
> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml?rev=1476704&r1=1476703&r2=1476704&view=diff
> >>>>>
> >>>>>
> >>
> ==============================================================================
> >>>>> ---
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
> >>>>> (original)
> >>>>> +++
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
> >>>>> Sun Apr 28 01:44:25 2013
> >>>>> @@ -34,6 +34,7 @@
> >>>>>        <cm:default-properties>
> >>>>>            <cm:property name="rmiRegistryHost" value="0.0.0.0"/>
> >>>>>            <cm:property name="rmiRegistryPort" value="1099"/>
> >>>>> +            <cm:property name="rmiServerHost" value="0.0.0.0"/>
> >>>>>            <cm:property name="rmiServerPort" value="44444"/>
> >>>>>            <cm:property name="jmxRealm" value="karaf"/>
> >>>>>            <cm:property name="jmxRole" value="$[karaf.admin.role]"/>
> >>>>> @@ -80,6 +81,7 @@
> >>>>>          destroy-method="destroy">
> >>>>>        <property name="server" ref="mbeanServer"/>
> >>>>>        <property name="serviceUrl" value="${serviceUrl}"/>
> >>>>> +        <property name="rmiServerHost" value="${rmiServerHost}"/>
> >>>>>        <property name="daemon" value="${daemon}"/>
> >>>>>        <property name="threaded" value="${threaded}"/>
> >>>>>        <property name="objectName" value="${objectName}"/>
> >>>>>
> >>>>> Modified:
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
> >>>>> URL:
> >>>>>
> >>
> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=1476704&r1=1476703&r2=1476704&view=diff
> >>>>>
> >>>>>
> >>
> ==============================================================================
> >>>>> ---
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
> >>>>> (original)
> >>>>> +++
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
> >>>>> Sun Apr 28 01:44:25 2013
> >>>>> @@ -30,6 +30,9 @@ rmiRegistryHost.description = host of th
> >>>>> rmiRegistryPort.name = RMI Registry Port
> >>>>> rmiRegistryPort.description = port of the registry for the exported
> RMI
> >>>>> service
> >>>>>
> >>>>> +rmiServerHost.name = RMI Server Host
> >>>>> +rmiServerHost.description = host of the server for the exported
RMI
> >>>>> objects. Blank for all interfaces
> >>>>> +
> >>>>> rmiServerPort.name = RMI Server Port
> >>>>> rmiServerPort.description = port of the server for the exported
RMI
> >>>>> objects
> >>>>>
> >>>>>
> >>>>> Modified:
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
> >>>>> URL:
> >>>>>
> >>
> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml?rev=1476704&r1=1476703&r2=1476704&view=diff
> >>>>>
> >>>>>
> >>
> ==============================================================================
> >>>>> ---
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
> >>>>> (original)
> >>>>> +++
> >>>>>
> >>
> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
> >>>>> Sun Apr 28 01:44:25 2013
> >>>>> @@ -23,6 +23,8 @@
> >>>>>            description="%rmiRegistryHost.description"/>
> >>>>>        <AD id="rmiRegistryPort" type="Integer" default="1099"
> >>>>> name="%rmiRegistryPort.name"
> >>>>>            description="%rmiRegistryPort.description"/>
> >>>>> +        <AD id="rmiServerHost" type="String" default=""
> >>>>> name="%rmiServerHost.name"
> >>>>> +            description="%rmiServerHost.description"/>
> >>>>>        <AD id="rmiServerPort" type="Integer" default="44444"
> >>>>> name="%rmiServerPort.name"
> >>>>>            description="%rmiServerPort.description"/>
> >>>>>        <AD id="jmxRealm" type="String" default="karaf"
> >>>>> name="%jmxRealm.name"
> >>>>>
> >>>>>
> >>>>>
> >>>>
> >>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message