public static ChannelServer create(final Configuration configuration) throws IOException {
if (configuration == null) {
throw new IllegalArgumentException("Null configuration");
}
configuration.validate();
final Endpoint endpoint =
Remoting.createEndpoint(configuration.getEndpointName(), configuration.getOptionMap());
Registration registration =
endpoint.addConnectionProvider(
configuration.getUriScheme(),
new RemoteConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
final NetworkServerProvider networkServerProvider =
endpoint.getConnectionProviderInterface(
configuration.getUriScheme(), NetworkServerProvider.class);
SimpleServerAuthenticationProvider provider = new SimpleServerAuthenticationProvider();
// There is currently a probable bug in jboss remoting, so the user realm name MUST be the same
// as
// the endpoint name.
provider.addUser("bob", configuration.getEndpointName(), "pass".toCharArray());
AcceptingChannel<? extends ConnectedStreamChannel> streamServer =
networkServerProvider.createServer(
configuration.getBindAddress(),
OptionMap.create(Options.SASL_MECHANISMS, Sequence.of("CRAM-MD5")),
provider,
null);
return new ChannelServer(endpoint, registration, streamServer);
}
@BeforeClass
public static void create() throws Exception {
final WildFlyElytronProvider provider = new WildFlyElytronProvider();
Security.addProvider(provider);
providerName = provider.getName();
endpoint = Endpoint.builder().setEndpointName("test").build();
NetworkServerProvider networkServerProvider =
endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
final SimpleMapBackedSecurityRealm mainRealm = new SimpleMapBackedSecurityRealm();
domainBuilder.addRealm("mainRealm", mainRealm).build();
domainBuilder.setDefaultRealmName("mainRealm");
domainBuilder.setPermissionMapper((permissionMappable, roles) -> PermissionVerifier.ALL);
final PasswordFactory passwordFactory = PasswordFactory.getInstance("clear");
mainRealm.setPasswordMap(
"bob", passwordFactory.generatePassword(new ClearPasswordSpec("pass".toCharArray())));
final SaslServerFactory saslServerFactory =
new ServiceLoaderSaslServerFactory(RemoteChannelCloseTest.class.getClassLoader());
final SaslAuthenticationFactory.Builder builder = SaslAuthenticationFactory.builder();
builder.setSecurityDomain(domainBuilder.build());
builder.setFactory(saslServerFactory);
builder.addMechanism(
SaslMechanismInformation.Names.SCRAM_SHA_256, MechanismConfiguration.EMPTY);
final SaslAuthenticationFactory saslAuthenticationFactory = builder.build();
streamServer =
networkServerProvider.createServer(
new InetSocketAddress("localhost", 30123), OptionMap.EMPTY, saslAuthenticationFactory);
}
public void start() throws IOException {
log.infof("Starting JMX Remoting Server %s", Version.getVersionString());
// Initialise general Remoting - this step would be implemented elsewhere when
// running within an application server.
final Xnio xnio = Xnio.getInstance();
endpoint = Remoting.createEndpoint("JMXRemoting", xnio, OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote", new RemoteConnectionProviderFactory(), OptionMap.EMPTY);
final NetworkServerProvider nsp =
endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
final SocketAddress bindAddress = new InetSocketAddress(host, listenerPort);
final OptionMap serverOptions = createOptionMap();
server = nsp.createServer(bindAddress, serverOptions, authenticationProvider, null);
Map<String, Object> configMap = new HashMap<String, Object>();
if (excludedVersions != null) {
configMap.put(EXCLUDED_VERSIONS, excludedVersions);
}
// Initialise the components that will provide JMX connectivity.
if (mbeanServerLocator == null) {
connectorServer =
new RemotingConnectorServer(
mbeanServer, endpoint, configMap, serverMessageEventHandlerFactory);
connectorServer.start();
} else {
delegatingServer =
new DelegatingRemotingConnectorServer(
mbeanServerLocator, endpoint, configMap, serverMessageEventHandlerFactory);
delegatingServer.start();
}
}
static DomainControllerClientConfig create(
final ExecutorService executorService, boolean destroyExecutor) throws IOException {
final Endpoint endpoint = Remoting.createEndpoint(ENDPOINT_NAME, OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote", new RemoteConnectionProviderFactory(), OptionMap.EMPTY);
return new DomainControllerClientConfig(endpoint, executorService, destroyExecutor);
}
public IoFuture<Connection> connect(
CallbackHandler handler, Map<String, String> saslOptions, SSLContext sslContext)
throws IOException {
OptionMap.Builder builder = OptionMap.builder();
builder.addAll(configuration.getOptionMap());
builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);
builder.set(SASL_POLICY_NOPLAINTEXT, Boolean.FALSE);
if (isLocal() == false) {
builder.set(Options.SASL_DISALLOWED_MECHANISMS, Sequence.of(JBOSS_LOCAL_USER));
}
List<Property> tempProperties =
new ArrayList<Property>(saslOptions != null ? saslOptions.size() : 1);
tempProperties.add(Property.of("jboss.sasl.local-user.quiet-auth", "true"));
if (saslOptions != null) {
for (String currentKey : saslOptions.keySet()) {
tempProperties.add(Property.of(currentKey, saslOptions.get(currentKey)));
}
}
builder.set(Options.SASL_PROPERTIES, Sequence.of(tempProperties));
builder.set(Options.SSL_ENABLED, true);
builder.set(Options.SSL_STARTTLS, true);
CallbackHandler actualHandler = handler != null ? handler : new AnonymousCallbackHandler();
return endpoint.connect(uri, builder.getMap(), actualHandler, sslContext);
}
static {
final BlockingQueue<Runnable> workQueue = new LinkedBlockingQueue<Runnable>();
final ThreadFactory threadFactory =
new JBossThreadFactory(
new ThreadGroup("cli-remoting"),
Boolean.FALSE,
null,
"%G - %t",
null,
null,
doPrivileged(GetAccessControlContextAction.getInstance()));
executorService = new ThreadPoolExecutor(2, 4, 60L, TimeUnit.SECONDS, workQueue, threadFactory);
// Allow the core threads to time out as well
executorService.allowCoreThreadTimeOut(true);
try {
endpoint = Remoting.createEndpoint("cli-client", OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote", new RemoteConnectionProviderFactory(), OptionMap.EMPTY);
endpoint.addConnectionProvider(
"http-remoting",
new HttpUpgradeConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
endpoint.addConnectionProvider(
"https-remoting",
new HttpUpgradeConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.TRUE));
} catch (IOException e) {
throw new IllegalStateException("Failed to create remoting endpoint", e);
}
CliShutdownHook.add(
new CliShutdownHook.Handler() {
@Override
public void shutdown() {
executorService.shutdown();
try {
executorService.awaitTermination(1, TimeUnit.SECONDS);
} catch (InterruptedException e) {
}
try {
endpoint.close();
} catch (IOException e) {
}
}
});
}
private void startServer() throws Exception {
final Xnio xnio = Xnio.getInstance();
endpoint = Remoting.createEndpoint("RemoteNaming", xnio, OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote", new RemoteConnectionProviderFactory(), OptionMap.EMPTY);
final NetworkServerProvider nsp =
endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
final SocketAddress bindAddress = new InetSocketAddress("localhost", 7999);
final OptionMap serverOptions = TestUtils.createOptionMap();
server =
nsp.createServer(
bindAddress, serverOptions, new TestUtils.DefaultAuthenticationHandler(), null);
remoteNamingService = new RemoteNamingService(localContext, Executors.newFixedThreadPool(10));
remoteNamingService.start(endpoint);
serverStopped = false;
}
/**
* Create and setup the remoting connection
*
* @throws Exception
*/
@BeforeClass
public static void beforeTestClass() throws Exception {
final Endpoint endpoint =
Remoting.createEndpoint("ejb-remote-client-endpoint", OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote",
new RemoteConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
// open a connection
final int ejbRemotingPort =
EJBRemoteManagementUtil.getEJBRemoteConnectorPort("localhost", 9999);
final IoFuture<Connection> futureConnection =
endpoint.connect(
new URI("remote://localhost:" + ejbRemotingPort),
OptionMap.create(Options.SASL_POLICY_NOANONYMOUS, Boolean.FALSE),
new AnonymousCallbackHandler());
connection = IoFutureHelper.get(futureConnection, 5, TimeUnit.SECONDS);
}
public void start() throws IOException {
log.infof("Starting JMX Remoting Server %s", Version.getVersionString());
// Initialise general Remoting - this step would be implemented elsewhere when
// running within an application server.
final Xnio xnio = Xnio.getInstance();
endpoint = Remoting.createEndpoint("JMXRemoting", xnio, OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote", new RemoteConnectionProviderFactory(), OptionMap.EMPTY);
final NetworkServerProvider nsp =
endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
final SocketAddress bindAddress = new InetSocketAddress("localhost", listenerPort);
final OptionMap serverOptions = createOptionMap();
server = nsp.createServer(bindAddress, serverOptions, authenticationProvider, null);
// Initialise the components that will provide JMX connectivity.
connectorServer = new RemotingConnectorServer(mbeanServer, endpoint);
connectorServer.start();
}
private synchronized void createConnection() {
try {
endpoint = Remoting.createEndpoint("endpoint", OptionMap.EMPTY);
endpoint.addConnectionProvider(
"remote",
new RemoteConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
endpoint.addConnectionProvider(
"http-remoting",
new HttpUpgradeConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
endpoint.addConnectionProvider(
"https-remoting",
new HttpUpgradeConnectionProviderFactory(),
OptionMap.create(Options.SSL_ENABLED, Boolean.TRUE));
// open a connection
final IoFuture<Connection> futureConnection =
endpoint.connect(
new URI(hostUrl),
OptionMap.create(
Options.SASL_POLICY_NOANONYMOUS,
Boolean.FALSE,
Options.SASL_POLICY_NOPLAINTEXT,
Boolean.FALSE),
callbackHandler);
connection = IoFutureHelper.get(futureConnection, 30L, TimeUnit.SECONDS);
final EJBClientContext ejbClientContext = EJBClientContext.create(classLoader);
ejbClientContext.registerConnection(connection);
this.clientContext = ejbClientContext;
} catch (IOException e) {
throw new RuntimeException(e);
} catch (URISyntaxException e) {
throw new RuntimeException(e);
}
}
@Override
public void close() throws IOException {
if (destroyExecutor) {
executorService.shutdown();
}
if (endpoint != null)
try {
endpoint.close();
} catch (IOException e) {
// ignore
}
if (destroyExecutor) {
executorService.shutdownNow();
}
}
public void stop() throws IOException {
log.infof("Stopping JMX Remoting Server %s", Version.getVersionString());
// Services using an existing Remoting installation only need to stop the JMXConnectorServer
// to disassociate it from Remoting.
if (connectorServer != null) {
connectorServer.stop();
}
if (server != null) {
server.close();
}
if (endpoint != null) {
endpoint.close();
}
}
public synchronized void close() {
try {
if (connection != null) {
connection.close();
}
} catch (IOException e) {
AppClientLogger.ROOT_LOGGER.exceptionClosingConnection(e);
}
try {
if (endpoint != null) {
endpoint.close();
}
} catch (IOException e) {
AppClientLogger.ROOT_LOGGER.exceptionClosingConnection(e);
}
}
public void addChannelOpenListener(final String channelName, final OpenListener openListener)
throws ServiceRegistrationException {
endpoint.registerService(
channelName,
new OpenListener() {
public void channelOpened(final Channel channel) {
if (openListener != null) {
openListener.channelOpened(channel);
}
}
public void registrationTerminated() {
if (openListener != null) {
openListener.registrationTerminated();
}
}
},
OptionMap.EMPTY);
}
@Before
public void testStart() throws IOException, URISyntaxException, InterruptedException {
System.gc();
System.runFinalization();
Logger.getLogger("TEST").infof("Running test %s", name.getMethodName());
final FutureResult<Channel> passer = new FutureResult<Channel>();
serviceRegistration =
endpoint.registerService(
"org.jboss.test",
new OpenListener() {
public void channelOpened(final Channel channel) {
passer.setResult(channel);
}
public void registrationTerminated() {}
},
OptionMap.EMPTY);
IoFuture<Connection> futureConnection =
AuthenticationContext.empty()
.with(
MatchRule.ALL,
AuthenticationConfiguration.EMPTY
.useName("bob")
.usePassword("pass")
.allowSaslMechanisms("SCRAM-SHA-256"))
.run(
new PrivilegedAction<IoFuture<Connection>>() {
public IoFuture<Connection> run() {
try {
return endpoint.connect(new URI("remote://localhost:30123"), OptionMap.EMPTY);
} catch (IOException | URISyntaxException e) {
throw new RuntimeException(e);
}
}
});
connection = futureConnection.get();
IoFuture<Channel> futureChannel = connection.openChannel("org.jboss.test", OptionMap.EMPTY);
clientChannel = futureChannel.get();
serverChannel = passer.getIoFuture().get();
assertNotNull(serverChannel);
}
private void stopServer() throws IOException {
remoteNamingService.stop();
server.close();
endpoint.close();
serverStopped = true;
}
public boolean supportsUriScheme(
final String providerScheme, final FastHashtable<String, Object> env) {
final Endpoint endpoint = getEndpoint(env);
return endpoint != null && endpoint.isValidUriScheme(providerScheme);
}
private Endpoint getEndpoint(final FastHashtable<String, Object> env) {
return env.containsKey(ENDPOINT) ? (Endpoint) env.get(ENDPOINT) : Endpoint.getCurrent();
}
public NamingProvider createProvider(
final URI providerUri, final FastHashtable<String, Object> env) throws NamingException {
// Legacy naming constants
final Endpoint endpoint = getEndpoint(env);
final String callbackClass = getStringProperty(CALLBACK_HANDLER_KEY, env);
final String userName = getStringProperty(Context.SECURITY_PRINCIPAL, env);
final String password = getStringProperty(Context.SECURITY_CREDENTIALS, env);
final String passwordBase64 = getStringProperty(PASSWORD_BASE64_KEY, env);
final String realm = getStringProperty(REALM_KEY, env);
boolean useSeparateConnection =
Boolean.parseBoolean(String.valueOf(env.get(USE_SEPARATE_CONNECTION)));
AuthenticationContext captured = AuthenticationContext.captureCurrent();
AuthenticationConfiguration mergedConfiguration =
AUTH_CONFIGURATION_CLIENT.getAuthenticationConfiguration(providerUri, captured);
if (callbackClass != null && (userName != null || password != null)) {
throw Messages.log.callbackHandlerAndUsernameAndPasswordSpecified();
}
if (callbackClass != null) {
final ClassLoader classLoader = secureGetContextClassLoader();
try {
final Class<?> clazz = Class.forName(callbackClass, true, classLoader);
final CallbackHandler callbackHandler = (CallbackHandler) clazz.newInstance();
if (callbackHandler != null) {
mergedConfiguration = mergedConfiguration.useCallbackHandler(callbackHandler);
}
} catch (ClassNotFoundException e) {
throw Messages.log.failedToLoadCallbackHandlerClass(e, callbackClass);
} catch (Exception e) {
throw Messages.log.failedToInstantiateCallbackHandlerInstance(e, callbackClass);
}
} else if (userName != null) {
if (password != null && passwordBase64 != null) {
throw Messages.log.plainTextAndBase64PasswordSpecified();
}
final String decodedPassword =
passwordBase64 != null
? CodePointIterator.ofString(passwordBase64)
.base64Decode()
.asUtf8String()
.drainToString()
: password;
mergedConfiguration =
mergedConfiguration.useName(userName).usePassword(decodedPassword).useRealm(realm);
}
final AuthenticationContext context =
AuthenticationContext.empty().with(MatchRule.ALL, mergedConfiguration);
if (useSeparateConnection) {
// create a brand new connection - if there is authentication info in the env, use it
final Connection connection;
try {
connection = endpoint.connect(providerUri, OptionMap.EMPTY, context).get();
} catch (IOException e) {
throw Messages.log.connectFailed(e);
}
final RemoteNamingProvider provider = new RemoteNamingProvider(connection, context, env);
connection.getAttachments().attach(PROVIDER_KEY, provider);
return provider;
} else if (env.containsKey(CONNECTION)) {
final Connection connection = (Connection) env.get(CONNECTION);
final RemoteNamingProvider provider = new RemoteNamingProvider(connection, context, env);
connection.getAttachments().attach(PROVIDER_KEY, provider);
return provider;
} else {
final Attachments attachments = endpoint.getAttachments();
ProviderMap map = attachments.getAttachment(PROVIDER_MAP_KEY);
if (map == null) {
ProviderMap appearing =
attachments.attachIfAbsent(PROVIDER_MAP_KEY, map = new ProviderMap());
if (appearing != null) {
map = appearing;
}
}
final URIKey key =
new URIKey(
providerUri.getScheme(),
providerUri.getUserInfo(),
providerUri.getHost(),
providerUri.getPort());
RemoteNamingProvider provider = map.get(key);
if (provider == null) {
RemoteNamingProvider appearing =
map.putIfAbsent(
key, provider = new RemoteNamingProvider(endpoint, providerUri, context, env));
if (appearing != null) {
provider = appearing;
}
}
return provider;
}
}
