1. /*

  2.  * @(#)MBeanServerAccessController.java	1.7 03/12/19

  3.  * 

  4.  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package com.sun.jmx.remote.security;

  9. 

  10. import java.io.ObjectInputStream;

  11. import java.util.Set;

  12. import javax.management.Attribute;

  13. import javax.management.AttributeList;

  14. import javax.management.AttributeNotFoundException;

  15. import javax.management.InstanceNotFoundException;

  16. import javax.management.InstanceAlreadyExistsException;

  17. import javax.management.IntrospectionException;

  18. import javax.management.InvalidAttributeValueException;

  19. import javax.management.ListenerNotFoundException;

  20. import javax.management.MBeanException;

  21. import javax.management.MBeanInfo;

  22. import javax.management.MBeanRegistrationException;

  23. import javax.management.MBeanServer;

  24. import javax.management.NotCompliantMBeanException;

  25. import javax.management.NotificationFilter;

  26. import javax.management.NotificationListener;

  27. import javax.management.ObjectInstance;

  28. import javax.management.ObjectName;

  29. import javax.management.OperationsException;

  30. import javax.management.QueryExp;

  31. import javax.management.ReflectionException;

  32. import javax.management.loading.ClassLoaderRepository;

  33. import javax.management.remote.MBeanServerForwarder;

  34. 

  35. /**

  36.  * <p>An object of this class implements the MBeanServer interface

  37.  * and, for each of its methods, calls an appropriate checking method

  38.  * and then forwards the request to a wrapped MBeanServer object.  The

  39.  * checking method may throw a RuntimeException if the operation is

  40.  * not allowed; in this case the request is not forwarded to the

  41.  * wrapped object.</p>

  42.  *

  43.  * <p>A typical use of this class is to insert it between a connector server

  44.  * such as the RMI connector and the MBeanServer with which the connector

  45.  * is associated.  Requests from the connector client can then be filtered

  46.  * and those operations that are not allowed, or not allowed in a particular

  47.  * context, can be rejected by throwing a <code>SecurityException</code>

  48.  * in the corresponding <code>check*</code> method.</p>

  49.  *

  50.  * <p>This is an abstract class, because in its implementation none of

  51.  * the checking methods does anything.  To be useful, it must be

  52.  * subclassed and at least one of the checking methods overridden to

  53.  * do some checking.  Some or all of the MBeanServer methods may also

  54.  * be overridden, for instance if the default checking behaviour is

  55.  * inappropriate.</p>

  56.  *

  57.  * <p>If there is no SecurityManager, then the access controller will refuse

  58.  * to create an MBean that is a ClassLoader, which includes MLets, or to

  59.  * execute the method addURL on an MBean that is an MLet. This prevents

  60.  * people from opening security holes unintentionally. Otherwise, it

  61.  * would not be obvious that granting write access grants the ability to

  62.  * download and execute arbitrary code in the target MBean server. Advanced

  63.  * users who do want the ability to use MLets are presumably advanced enough

  64.  * to handle policy files and security managers.</p>

  65.  */

  66. public abstract class MBeanServerAccessController

  67. 	implements MBeanServerForwarder {

  68. 

  69.     public MBeanServer getMBeanServer() {

  70. 	return mbs;

  71.     }

  72. 

  73.     public void setMBeanServer(MBeanServer mbs) {

  74. 	if (mbs == null)

  75. 	    throw new IllegalArgumentException("Null MBeanServer");

  76. 	if (this.mbs != null)

  77. 	    throw new IllegalArgumentException("MBeanServer object already " +

  78. 					       "initialized");

  79. 	this.mbs = mbs;

  80.     }

  81. 

  82.     /**

  83.      * Check if the caller can do read operations. This method does

  84.      * nothing if so, otherwise throws SecurityException.

  85.      */

  86.     protected abstract void checkRead();

  87. 

  88.     /**

  89.      * Check if the caller can do write operations.  This method does

  90.      * nothing if so, otherwise throws SecurityException.

  91.      */

  92.     protected abstract void checkWrite();

  93. 

  94.     //--------------------------------------------

  95.     //--------------------------------------------

  96.     //

  97.     // Implementation of the MBeanServer interface

  98.     //

  99.     //--------------------------------------------

  100.     //--------------------------------------------

  101. 

  102.     /**

  103.      * Call <code>checkRead()</code>, then forward this method to the

  104.      * wrapped object.

  105.      */

  106.     public void addNotificationListener(ObjectName name,

  107. 					NotificationListener listener,

  108. 					NotificationFilter filter,

  109. 					Object handback)

  110. 	throws InstanceNotFoundException {

  111. 	checkRead();

  112. 	getMBeanServer().addNotificationListener(name, listener,

  113. 						 filter, handback);

  114.     }

  115. 

  116.     /**

  117.      * Call <code>checkRead()</code>, then forward this method to the

  118.      * wrapped object.

  119.      */

  120.     public void addNotificationListener(ObjectName name,

  121. 					ObjectName listener,

  122. 					NotificationFilter filter,

  123. 					Object handback)

  124. 	throws InstanceNotFoundException {

  125. 	checkRead();

  126. 	getMBeanServer().addNotificationListener(name, listener,

  127. 						 filter, handback);

  128.     }

  129. 

  130.     /**

  131.      * Call <code>checkWrite()</code>, then forward this method to the

  132.      * wrapped object.

  133.      */

  134.     public ObjectInstance createMBean(String className, ObjectName name)

  135. 	throws

  136. 	ReflectionException,

  137. 	InstanceAlreadyExistsException,

  138. 	MBeanRegistrationException,

  139. 	MBeanException,

  140. 	NotCompliantMBeanException {

  141. 	checkWrite();

  142. 	SecurityManager sm = System.getSecurityManager();

  143. 	if (sm == null) {

  144. 	    Object object = getMBeanServer().instantiate(className);

  145. 	    checkClassLoader(object);

  146. 	    return getMBeanServer().registerMBean(object, name);

  147. 	} else {

  148. 	    return getMBeanServer().createMBean(className, name);

  149. 	}

  150.     }

  151. 

  152.     /**

  153.      * Call <code>checkWrite()</code>, then forward this method to the

  154.      * wrapped object.

  155.      */

  156.     public ObjectInstance createMBean(String className, ObjectName name,

  157. 				      Object params[], String signature[])

  158. 	throws

  159. 	ReflectionException,

  160. 	InstanceAlreadyExistsException,

  161. 	MBeanRegistrationException,

  162. 	MBeanException,

  163. 	NotCompliantMBeanException {

  164. 	checkWrite();

  165. 	SecurityManager sm = System.getSecurityManager();

  166. 	if (sm == null) {

  167. 	    Object object = getMBeanServer().instantiate(className,

  168. 							 params,

  169. 							 signature);

  170. 	    checkClassLoader(object);

  171. 	    return getMBeanServer().registerMBean(object, name);

  172. 	} else {

  173. 	    return getMBeanServer().createMBean(className, name,

  174. 						params, signature);

  175. 	}

  176.     }

  177. 

  178.     /**

  179.      * Call <code>checkWrite()</code>, then forward this method to the

  180.      * wrapped object.

  181.      */

  182.     public ObjectInstance createMBean(String className,

  183. 				      ObjectName name,

  184. 				      ObjectName loaderName)

  185. 	throws

  186. 	ReflectionException,

  187. 	InstanceAlreadyExistsException,

  188. 	MBeanRegistrationException,

  189. 	MBeanException,

  190. 	NotCompliantMBeanException,

  191. 	InstanceNotFoundException {

  192. 	checkWrite();

  193. 	SecurityManager sm = System.getSecurityManager();

  194. 	if (sm == null) {

  195. 	    Object object = getMBeanServer().instantiate(className,

  196. 							 loaderName);

  197. 	    checkClassLoader(object);

  198. 	    return getMBeanServer().registerMBean(object, name);

  199. 	} else {

  200. 	    return getMBeanServer().createMBean(className, name, loaderName);

  201. 	}

  202.     }

  203. 

  204.     /**

  205.      * Call <code>checkWrite()</code>, then forward this method to the

  206.      * wrapped object.

  207.      */

  208.     public ObjectInstance createMBean(String className,

  209. 				      ObjectName name,

  210. 				      ObjectName loaderName,

  211. 				      Object params[],

  212. 				      String signature[])

  213. 	throws

  214. 	ReflectionException,

  215. 	InstanceAlreadyExistsException,

  216. 	MBeanRegistrationException,

  217. 	MBeanException,

  218. 	NotCompliantMBeanException,

  219. 	InstanceNotFoundException {

  220. 	checkWrite();

  221. 	SecurityManager sm = System.getSecurityManager();

  222. 	if (sm == null) {

  223. 	    Object object = getMBeanServer().instantiate(className,

  224. 							 loaderName,

  225. 							 params,

  226. 							 signature);

  227. 	    checkClassLoader(object);

  228. 	    return getMBeanServer().registerMBean(object, name);

  229. 	} else {

  230. 	    return getMBeanServer().createMBean(className, name, loaderName,

  231. 						params, signature);

  232. 	}

  233.     }

  234. 

  235.     /**

  236.      * Call <code>checkRead()</code>, then forward this method to the

  237.      * wrapped object.

  238.      */

  239.     public ObjectInputStream deserialize(ObjectName name, byte[] data)

  240. 	throws InstanceNotFoundException, OperationsException {

  241. 	checkRead();

  242. 	return getMBeanServer().deserialize(name, data);

  243.     }

  244. 

  245.     /**

  246.      * Call <code>checkRead()</code>, then forward this method to the

  247.      * wrapped object.

  248.      */

  249.     public ObjectInputStream deserialize(String className, byte[] data)

  250. 	throws OperationsException, ReflectionException {

  251. 	checkRead();

  252. 	return getMBeanServer().deserialize(className, data);

  253.     }

  254. 

  255.     /**

  256.      * Call <code>checkRead()</code>, then forward this method to the

  257.      * wrapped object.

  258.      */

  259.     public ObjectInputStream deserialize(String className,

  260. 					 ObjectName loaderName,

  261. 					 byte[] data)

  262. 	throws

  263. 	InstanceNotFoundException,

  264. 	OperationsException,

  265. 	ReflectionException {

  266. 	checkRead();

  267. 	return getMBeanServer().deserialize(className, loaderName, data);

  268.     }

  269. 

  270.     /**

  271.      * Call <code>checkRead()</code>, then forward this method to the

  272.      * wrapped object.

  273.      */

  274.     public Object getAttribute(ObjectName name, String attribute)

  275. 	throws

  276. 	MBeanException,

  277. 	AttributeNotFoundException,

  278. 	InstanceNotFoundException,

  279. 	ReflectionException {

  280. 	checkRead();

  281. 	return getMBeanServer().getAttribute(name, attribute);

  282.     }

  283. 

  284.     /**

  285.      * Call <code>checkRead()</code>, then forward this method to the

  286.      * wrapped object.

  287.      */

  288.     public AttributeList getAttributes(ObjectName name, String[] attributes)

  289. 	throws InstanceNotFoundException, ReflectionException {

  290. 	checkRead();

  291. 	return getMBeanServer().getAttributes(name, attributes);

  292.     }

  293. 

  294.     /**

  295.      * Call <code>checkRead()</code>, then forward this method to the

  296.      * wrapped object.

  297.      */

  298.     public ClassLoader getClassLoader(ObjectName loaderName)

  299. 	throws InstanceNotFoundException {

  300. 	checkRead();

  301. 	return getMBeanServer().getClassLoader(loaderName);

  302.     }

  303. 

  304.     /**

  305.      * Call <code>checkRead()</code>, then forward this method to the

  306.      * wrapped object.

  307.      */

  308.     public ClassLoader getClassLoaderFor(ObjectName mbeanName)

  309. 	throws InstanceNotFoundException {

  310. 	checkRead();

  311. 	return getMBeanServer().getClassLoaderFor(mbeanName);

  312.     }

  313. 

  314.     /**

  315.      * Call <code>checkRead()</code>, then forward this method to the

  316.      * wrapped object.

  317.      */

  318.     public ClassLoaderRepository getClassLoaderRepository() {

  319. 	checkRead();

  320. 	return getMBeanServer().getClassLoaderRepository();

  321.     }

  322. 

  323.     /**

  324.      * Call <code>checkRead()</code>, then forward this method to the

  325.      * wrapped object.

  326.      */

  327.     public String getDefaultDomain() {

  328. 	checkRead();

  329. 	return getMBeanServer().getDefaultDomain();

  330.     }

  331. 

  332.     /**

  333.      * Call <code>checkRead()</code>, then forward this method to the

  334.      * wrapped object.

  335.      */

  336.     public String[] getDomains() {

  337. 	checkRead();

  338. 	return getMBeanServer().getDomains();

  339.     }

  340. 

  341.     /**

  342.      * Call <code>checkRead()</code>, then forward this method to the

  343.      * wrapped object.

  344.      */

  345.     public Integer getMBeanCount() {

  346. 	checkRead();

  347. 	return getMBeanServer().getMBeanCount();

  348.     }

  349. 

  350.     /**

  351.      * Call <code>checkRead()</code>, then forward this method to the

  352.      * wrapped object.

  353.      */

  354.     public MBeanInfo getMBeanInfo(ObjectName name)

  355. 	throws

  356. 	InstanceNotFoundException,

  357. 	IntrospectionException,

  358. 	ReflectionException {

  359. 	checkRead();

  360. 	return getMBeanServer().getMBeanInfo(name);

  361.     }

  362. 

  363.     /**

  364.      * Call <code>checkRead()</code>, then forward this method to the

  365.      * wrapped object.

  366.      */

  367.     public ObjectInstance getObjectInstance(ObjectName name)

  368. 	throws InstanceNotFoundException {

  369. 	checkRead();

  370. 	return getMBeanServer().getObjectInstance(name);

  371.     }

  372. 

  373.     /**

  374.      * Call <code>checkWrite()</code>, then forward this method to the

  375.      * wrapped object.

  376.      */

  377.     public Object instantiate(String className)

  378. 	throws ReflectionException, MBeanException {

  379. 	checkWrite();

  380. 	return getMBeanServer().instantiate(className);

  381.     }

  382. 

  383.     /**

  384.      * Call <code>checkWrite()</code>, then forward this method to the

  385.      * wrapped object.

  386.      */

  387.     public Object instantiate(String className,

  388. 			      Object params[],

  389. 			      String signature[]) 

  390. 	throws ReflectionException, MBeanException {

  391. 	checkWrite();

  392. 	return getMBeanServer().instantiate(className, params, signature);

  393.     }

  394. 

  395.     /**

  396.      * Call <code>checkWrite()</code>, then forward this method to the

  397.      * wrapped object.

  398.      */

  399.     public Object instantiate(String className, ObjectName loaderName)

  400. 	throws ReflectionException, MBeanException, InstanceNotFoundException {

  401. 	checkWrite();

  402. 	return getMBeanServer().instantiate(className, loaderName);

  403.     }

  404. 

  405.     /**

  406.      * Call <code>checkWrite()</code>, then forward this method to the

  407.      * wrapped object.

  408.      */

  409.     public Object instantiate(String className, ObjectName loaderName,

  410. 			      Object params[], String signature[])

  411. 	throws ReflectionException, MBeanException, InstanceNotFoundException {

  412. 	checkWrite();

  413. 	return getMBeanServer().instantiate(className, loaderName,

  414. 					    params, signature);

  415.     }

  416. 

  417.     /**

  418.      * Call <code>checkWrite()</code>, then forward this method to the

  419.      * wrapped object.

  420.      */

  421.     public Object invoke(ObjectName name, String operationName,

  422. 			 Object params[], String signature[])

  423. 	throws

  424. 	InstanceNotFoundException,

  425. 	MBeanException,

  426. 	ReflectionException {

  427. 	checkWrite();

  428. 	checkMLetAddURL(name, operationName);

  429. 	return getMBeanServer().invoke(name, operationName, params, signature);

  430.     }

  431. 

  432.     /**

  433.      * Call <code>checkRead()</code>, then forward this method to the

  434.      * wrapped object.

  435.      */

  436.     public boolean isInstanceOf(ObjectName name, String className)

  437. 	throws InstanceNotFoundException {

  438. 	checkRead();

  439. 	return getMBeanServer().isInstanceOf(name, className);

  440.     }

  441. 

  442.     /**

  443.      * Call <code>checkRead()</code>, then forward this method to the

  444.      * wrapped object.

  445.      */

  446.     public boolean isRegistered(ObjectName name) {

  447. 	checkRead();

  448. 	return getMBeanServer().isRegistered(name);

  449.     }

  450. 

  451.     /**

  452.      * Call <code>checkRead()</code>, then forward this method to the

  453.      * wrapped object.

  454.      */

  455.     public Set queryMBeans(ObjectName name, QueryExp query) {

  456. 	checkRead();

  457. 	return getMBeanServer().queryMBeans(name, query);

  458.     }

  459. 

  460.     /**

  461.      * Call <code>checkRead()</code>, then forward this method to the

  462.      * wrapped object.

  463.      */

  464.     public Set queryNames(ObjectName name, QueryExp query) {

  465. 	checkRead();

  466. 	return getMBeanServer().queryNames(name, query);

  467.     }

  468. 

  469.     /**

  470.      * Call <code>checkWrite()</code>, then forward this method to the

  471.      * wrapped object.

  472.      */

  473.     public ObjectInstance registerMBean(Object object, ObjectName name)

  474. 	throws

  475. 	InstanceAlreadyExistsException,

  476. 	MBeanRegistrationException,

  477. 	NotCompliantMBeanException {

  478. 	checkWrite();

  479. 	return getMBeanServer().registerMBean(object, name);

  480.     }

  481. 

  482.     /**

  483.      * Call <code>checkRead()</code>, then forward this method to the

  484.      * wrapped object.

  485.      */

  486.     public void removeNotificationListener(ObjectName name,

  487. 					   NotificationListener listener)

  488. 	throws InstanceNotFoundException, ListenerNotFoundException {

  489. 	checkRead();

  490. 	getMBeanServer().removeNotificationListener(name, listener);

  491.     }

  492. 

  493.     /**

  494.      * Call <code>checkRead()</code>, then forward this method to the

  495.      * wrapped object.

  496.      */

  497.     public void removeNotificationListener(ObjectName name,

  498. 					   NotificationListener listener,

  499. 					   NotificationFilter filter,

  500. 					   Object handback)

  501. 	throws InstanceNotFoundException, ListenerNotFoundException {

  502. 	checkRead();

  503. 	getMBeanServer().removeNotificationListener(name, listener,

  504. 						    filter, handback);

  505.     }

  506. 

  507.     /**

  508.      * Call <code>checkRead()</code>, then forward this method to the

  509.      * wrapped object.

  510.      */

  511.     public void removeNotificationListener(ObjectName name,

  512. 					   ObjectName listener)

  513. 	throws InstanceNotFoundException, ListenerNotFoundException {

  514. 	checkRead();

  515. 	getMBeanServer().removeNotificationListener(name, listener);

  516.     }

  517. 

  518.     /**

  519.      * Call <code>checkRead()</code>, then forward this method to the

  520.      * wrapped object.

  521.      */

  522.     public void removeNotificationListener(ObjectName name,

  523. 					   ObjectName listener,

  524. 					   NotificationFilter filter,

  525. 					   Object handback)

  526. 	throws InstanceNotFoundException, ListenerNotFoundException {

  527. 	checkRead();

  528. 	getMBeanServer().removeNotificationListener(name, listener,

  529. 						    filter, handback);

  530.     }

  531. 

  532.     /**

  533.      * Call <code>checkWrite()</code>, then forward this method to the

  534.      * wrapped object.

  535.      */

  536.     public void setAttribute(ObjectName name, Attribute attribute)

  537. 	throws

  538. 	InstanceNotFoundException,

  539. 	AttributeNotFoundException,

  540. 	InvalidAttributeValueException,

  541. 	MBeanException,

  542. 	ReflectionException {

  543. 	checkWrite();

  544. 	getMBeanServer().setAttribute(name, attribute);

  545.     }

  546. 

  547.     /**

  548.      * Call <code>checkWrite()</code>, then forward this method to the

  549.      * wrapped object.

  550.      */

  551.     public AttributeList setAttributes(ObjectName name,

  552. 				       AttributeList attributes)

  553. 	throws InstanceNotFoundException, ReflectionException {

  554. 	checkWrite();

  555. 	return getMBeanServer().setAttributes(name, attributes);

  556.     }

  557. 

  558.     /**

  559.      * Call <code>checkWrite()</code>, then forward this method to the

  560.      * wrapped object.

  561.      */

  562.     public void unregisterMBean(ObjectName name)

  563. 	throws InstanceNotFoundException, MBeanRegistrationException {

  564. 	checkWrite();

  565. 	getMBeanServer().unregisterMBean(name);

  566.     }

  567. 

  568.     //----------------

  569.     // PRIVATE METHODS

  570.     //----------------

  571. 

  572.     private void checkClassLoader(Object object) {

  573. 	if (object instanceof ClassLoader)

  574. 	    throw new SecurityException("Access denied! Creating an " +

  575. 					"MBean that is a ClassLoader " +

  576. 					"is forbidden unless a security " +

  577. 					"manager is installed.");

  578.     }

  579. 

  580.     private void checkMLetAddURL(ObjectName name, String operationName)

  581. 	throws InstanceNotFoundException {

  582. 	SecurityManager sm = System.getSecurityManager();

  583. 	if (sm == null) {

  584. 	    if (operationName.equals("addURL") &&

  585. 		getMBeanServer().isInstanceOf(name,

  586. 					      "javax.management.loading.MLet"))

  587. 		throw new SecurityException("Access denied! MLet method " +

  588. 					    "addURL cannot be invoked " +

  589. 					    "unless a security manager " +

  590. 					    "is installed.");

  591. 	}

  592.     }

  593. 

  594.     //------------------

  595.     // PRIVATE VARIABLES

  596.     //------------------

  597. 

  598.     private MBeanServer mbs;

  599. }