[issues] Commented: (RADMAN-61) Document how to secure exposed JMX services

Wed, 12 Sep 2007 00:46:32 -0700 

    [ 
http://issues.ops4j.org/jira/browse/RADMAN-61?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_10724
 ] 

Gavin Bong commented on RADMAN-61:
----------------------------------

Before the security features were added, creating a JMXServer is (almost) a 
deterministic operation. 
When I say "creating a JMXServer", I mean:

POSTCONDITION #1: 
At the conclusion of method call JMXServerImpl.start(..), an OSGi service is 
registered into the 
runtime such that the following filter will return a value.

    &( objectClass=org.ops4j.pax.radman.jmx.JMXServer )( 
service.pid=some.chosen.pid )

This code snippet will suffice (pre-security changes):-

Properties props = ....
BundleContext context = ...
JMXServerInfo info = ...

JMXServerImpl server = new JMXServerImpl( context, info );
server.start( props );

With the new modifications to support security, calling server.start( props ) 
does not satisfy POSTCONDITION #1 anymore.
For more detail, refer to the diagram 
http://issues.ops4j.org/jira/secure/attachment/10110/bug_seq_mods.png

Problem: If props specifies that this JMXServer requires a JMXAuthenticator, 
and the authenticator has not been initialized
via JMXServerImpl.setAuthenticator( ... ), start() will return without doing 
anything. Thus no MBeanServer is created. And 
when MBeanServiceTracker.addJmxServer( jmxserver ) is called, nothing is 
registered.

> Document how to secure exposed JMX services
> -------------------------------------------
>
>                 Key: RADMAN-61
>                 URL: http://issues.ops4j.org/jira/browse/RADMAN-61
>             Project: Pax RadMan
>          Issue Type: Task
>            Reporter: Gavin Bong
>            Assignee: Gavin Bong
>         Attachments: bug_seq_mods.png
>
>


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.ops4j.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

_______________________________________________
general mailing list
general@lists.ops4j.org
http://lists.ops4j.org/mailman/listinfo/general

Reply via email to