JMX, Interfaces, JConsole plugins and MBeanTrustPermission oddities
Here goes.
My code started out pretty simple.
It has a few ManagedOperations too. And the spring config was pretty short and sweet too (courtesy of Spring 2.5)Code:@ManagedResource(objectName = "tf:name=testDirector", persistPolicy = "OnUpdate") public class TestDirector extends NotificationBroadcasterSupport { ...
I could bring it up in JConsole, no problem. Everything ran smooth, like a charm. Then my boss decided he wanted something fancier so a co-worker souped up a JConsole plugin.Code:... <context:mbean-export /> ... <bean id="testDirector" class="com.dude.testdirector.TestDirector" p:testSpecificationManager-ref="testSpecificationManager"/> ...
But in order to to access the TestDirector from his JConsole plugin, he had to create an interface for all the ManagedOperations. So the code changed.
However, once that implementation piece is added, when I attempt to launch my program, I now get a MBeanTrustPermission error.Code:@ManagedResource(objectName = "tf:name=testDirector", persistPolicy = "OnUpdate") public class TestDirector extends NotificationBroadcasterSupport implements TestDirectorMBean {
Without the interface, the plugin can't call this lineCode:Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mbeanExporter': Invocation of init method failed; nested exception is org.springframework.jmx.export.UnableToRegisterMBeanException: Unable to register MBean [com.dude.testdirector.TestDirector@17f11fb] with key 'testDirector'; nested exception is java.security.AccessControlException: access denied (javax.management.MBeanTrustPermission register) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1362) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:540) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:485) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:455) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:169) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:170) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:413) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:735) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:369) at org.springframework.context.support.FileSystemXmlApplicationContext.<init>(FileSystemXmlApplicationContext.java:124) at org.springframework.context.support.FileSystemXmlApplicationContext.<init>(FileSystemXmlApplicationContext.java:68) at com.dude.testdirector.Launcher.getTestDirectorContext(Launcher.java:18) at com.dude.testdirector.Launcher.getTestDirector(Launcher.java:13) at com.dude.testdirector.Launcher.main(Launcher.java:25)
So that's my problem. I know I can add the grant permission in the java.policy file, but I'd rather not give all access to everything on every machine I deploy this on. That'd be bad news.Code:td = JMX.newMBeanProxy(server, objectName, TestDirectorMBean.class, false);
Anybody have any thoughts on that one? Thanks.
Reply With Quote
Originally Posted by oualidg
