As part of a project at my day job, we are adding a fair bit of JMX
instrumentation to our product. As a part of this effort, I will be
creating some MBeans for shiro and I would like to include these in the
project. So I have some questions for the community.
1. Would this be of interest?
2. What sort of MBeans would you like to see? The ones that I would
like and am thinking of are listed below.
3. Are there any architectural thoughts on how I should go about this?
My plan right now is to write some MXBean interfaces and then implement
them.
This is my first pass at what I intend to expose. I'm sure that I'll
think of more information as I go.
Beans:
SecurityManagerMXBean
Attributes:
authenticators
authorizers
session manager
Operations:
username/password authentication check (and subsequent subject
introspection)
subject permission/role check
SessionDaoMXBean
Attributes:
active sessions
Operations:
delete session
RealmMXBean (per realm)
Attributes:
configuration
Operations:
username/password authentication check (and subsequent subject
introspection)
subject permission/role check
FilterMXBean (per filter)
Attributes
configuration
Operations:
enable/disable
FilterChainMXBean
Attributes:
filter chains
Operations:
whatChainMapsToUrl
username/password authentication check for a specified url
As you can see, my goals is "introspect and potentially change the
configuration of objects" and "test assertions about how shiro objects
behave".
I don't have a timeline for this yet, but I'd like to know your thoughts.
Thanks,
Jared
