Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for JMXRP #14

Open
wsargent opened this issue Sep 1, 2017 · 0 comments
Open

Support for JMXRP #14

wsargent opened this issue Sep 1, 2017 · 0 comments

Comments

@wsargent
Copy link

wsargent commented Sep 1, 2017

It'd be nice if there were out of the box support for JMXRP in addition to RMI. TLS / SASL support might be annoying to work in, but it looks like the RMI server has mostly the same code as this example JMXRP code:

package com.example;

import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
import javax.net.ssl.*;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

/**
 * Dumps info about the specified MBean from the JMXConnectorServer at
 * the specified URL.
 */
public class ConnectorClient {

    static KeyStore trustStore(String type, String name, char[] password) throws Exception {
        KeyStore anchors = KeyStore.getInstance(type);
        anchors.load(new FileInputStream(name), password);
        return anchors;
    }

    static KeyStore.Builder keystore(String type, String filename, char[] password) {
        return KeyStore.Builder.newInstance(type, null, new File(filename), new KeyStore.PasswordProtection(password));
    }

    static  KeyManagerFactory keyManagerFactory(KeyStore.Builder... keystores) throws Exception {
        KeyStoreBuilderParameters ksParams = new KeyStoreBuilderParameters(Arrays.asList(keystores));
        KeyManagerFactory factory = KeyManagerFactory.getInstance("NewSunX509");
        factory.init(ksParams);
        return factory;
    }

    static TrustManagerFactory trustManagerFactory(KeyStore anckors) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(anckors);
        return tmf;
    }

    static SSLSocketFactory socketFactory(KeyManagerFactory kmf, TrustManagerFactory tmf) throws Exception {
        SSLParameters sslParams = new SSLParameters();
        sslParams.setEndpointIdentificationAlgorithm("HTTPS");
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");

        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        SSLSocketFactory ssf = ctx.getSocketFactory();
        return ssf;
    }

    static MBeanServerConnection mbsc = null;
    static public void main(String[] sa) throws Exception {
        String urlString = "service:jmx:jmxmp://localhost:9999";
        String beanId = "com.example:type=Hello";

        KeyManagerFactory kmf = keyManagerFactory(keystore("JKS", "src/universal/conf/certs/client.jks", "changeit".toCharArray()));
        TrustManagerFactory tmf = trustManagerFactory(trustStore("JKS", "src/universal/conf/certs/exampletrust.jks", "changeit".toCharArray()));
        SSLSocketFactory socketFactory = socketFactory(kmf, tmf);

        Map env = new HashMap();
        env.put("jmx.remote.profiles", "TLS");
        env.put("jmx.remote.tls.enabled.protocols", "TLSv1.2");
        env.put("jmx.remote.tls.enabled.cipher.suites", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
        env.put("jmx.remote.tls.socket.factory", socketFactory);

        JMXConnector c =
                JMXConnectorFactory.connect(new JMXServiceURL(urlString), env);
        // If you aren't setting a profile or any other options, you can use
        // null for the second connect() parameter, instead of an empty list.
        try {
            mbsc = c.getMBeanServerConnection();

            // For this example, I chose to not expose the Adaptor as an
            // MBean, which is sometimes a good thing to do for security.
            // Therefore, I use it as a normal Java Object.
            System.err.println("Info on '" + beanId + "' is:");
            javax.management.MBeanAttributeInfo[] aa =
                    mbsc.getMBeanInfo(new ObjectName(beanId)).getAttributes();
            for (int i = 0; i < aa.length; i++)
                System.err.println(aa[i].getName());
        } finally {
            if (c != null) c.close();
        }
        System.exit(0);
    }
}

https://www.javaworld.com/article/2072256/remote-jmx--connectors-and-adapters.html?page=2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wsargent