JMX Authentication with Spring Security (3.1.x)
Hi,
I have a JMX server configured without Spring and am trying to implement Spring Security for the Authorization part.
(See here, https://blogs.oracle.com/lmalventosa..._authorization
Use Case 4, without the Authorization part)
I would like now to implement the Authorization part using Spring Security.
In my JMX authenticator, I do:
And in the MBeans I try to fetch it and see that it has been passed correctly (in the future I plan to add Spring Annotations to check for roles, for method invocation).Code:final List<GrantedAuthority> roles = new ArrayList<GrantedAuthority>(); roles.add(new SimpleGrantedAuthority("ROLE_ADMIN")); final Authentication auth = new UsernamePasswordAuthenticationToken(credentialsArr[0], credentialsArr[1], roles); SecurityContextHolder.getContext().setAuthentication(auth);
The problem is, that in the standard connection flow:Code:final Authentication springAuth = SecurityContextHolder.getContext().getAuthentication();
I get a JMX connector, then connect to the MBean server and invoke a method - it works.Code:JMXServiceURL url = ...; Map env = ...; String[] creds = {"monitorRole", "mrpasswd", "FileRealm"}; env.put(JMXConnector.CREDENTIALS, creds); JMXConnector cc = JMXConnectorFactory.connect(url, env); MBeanServerConnection mbsc = cc.getMBeanServerConnection();
I get through the authenticator, set the Spring Context and get it in the Mbean.
But when I connect using a Jconsole, for example, I don't get the Spring Context in the Mbean.
I am using the Inheritable Thread strategy.
1. Is there a way to get the context also in the MBean, when connecting using the JConsole and other connectors?
2. If I implement JMX using Spring, will it help me to solve the problem?
3. Is my main flow fool proof (is there a chance I will not get the Context in the MBean)? I am asking this, since this flow is critical to me, to be fool proof.
Thanks a lot!
Reply With Quote
Originally Posted by wims.tijd
