This is an automated email from the ASF dual-hosted git repository. jbonofre pushed a commit to branch karaf-4.2.x in repository https://gitbox.apache.org/repos/asf/karaf.git
commit c4ad84ad2708c5faa88cc3098e0b37a1a4307a28 Author: Jean-Baptiste Onofré <jbono...@apache.org> AuthorDate: Mon Jan 10 21:27:32 2022 +0100 Revert "[KARAF-7312] Add JMX credentials filter pattern support on the RMI" This reverts commit 72f446e5a0ffda2929f113acfc76493ab478264a. --- assemblies/features/standard/src/main/feature/feature.xml | 5 ----- .../main/java/org/apache/karaf/management/internal/Activator.java | 6 ------ 2 files changed, 11 deletions(-) diff --git a/assemblies/features/standard/src/main/feature/feature.xml b/assemblies/features/standard/src/main/feature/feature.xml index c9d6ff3..e7ea86c 100644 --- a/assemblies/features/standard/src/main/feature/feature.xml +++ b/assemblies/features/standard/src/main/feature/feature.xml @@ -1369,11 +1369,6 @@ jmxmpObjectName = connector:name=jmxmp # Locate an existing MBean server if possible (usefull when Karaf is embedded) # #locateExistingMBeanServerIfPossible = true - -# -# Enforce credentials filter pattern to avoid deserialization -# -#jmx.remote.rmi.server.credentials.filter.pattern=java.lang.String;!* </config> <feature>jaas</feature> <bundle dependency="true" start-level="20">mvn:org.apache.aries/org.apache.aries.util/${aries.util.version}</bundle> diff --git a/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java b/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java index 2b5861b..c4f1a21 100644 --- a/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java +++ b/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java @@ -21,7 +21,6 @@ import java.util.Map; import javax.management.MBeanServer; import javax.management.ObjectName; -import javax.management.remote.rmi.RMIConnectorServer; import org.apache.karaf.jaas.config.KeystoreInstance; import org.apache.karaf.jaas.config.KeystoreManager; @@ -110,10 +109,6 @@ public class Activator extends BaseActivator implements ManagedService { originalRmiServerHostname = System.getProperty("java.rmi.server.hostname"); System.setProperty("java.rmi.server.hostname", rmiServerHost); - // https://issues.apache.org/jira/browse/KARAF-7312 - // security enforcement using credentials filter pattern, passed via environment map - String credentialsFilterPattern = getString(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN, String.class.getName() + ";!*"); - String jmxRealm = getString("jmxRealm", "karaf"); String serviceUrl = getString("serviceUrl", "service:jmx:rmi://" + rmiServerHost + ":" + rmiServerPort + "/jndi/rmi://" + rmiRegistryHost + ":" + rmiRegistryPort + "/karaf-" + System.getProperty("karaf.name")); @@ -175,7 +170,6 @@ public class Activator extends BaseActivator implements ManagedService { jmxmpEnvironment.put("jmx.remote.sasl.callback.handler", jaasAuthenticator); Map<String, Object> environment = new HashMap<>(); environment.put("jmx.remote.authenticator", jaasAuthenticator); - environment.put(RMIConnectorServer.CREDENTIALS_FILTER_PATTERN, credentialsFilterPattern); try { connectorServerFactory.setEnvironment(environment); connectorServerFactory.setJmxmpEnvironment(jmxmpEnvironment);