org.glassfish.admin.mbeanserver

Class AdminAuthorizedMBeanServer

java.lang.Object

org.glassfish.admin.mbeanserver.AdminAuthorizedMBeanServer

public class AdminAuthorizedMBeanServer
extends Object

Allows per-access security checks on MBean attribute set/get and other invoked operations.

This class wraps the normal GlassFish MBeanServer with a security checker. If control reaches this class then the incoming connection has already authenticated successfully. This class decides, depending on exactly what the request wants to do and what MBean is involved, whether to allow the current request or not. If so, it delegates to the real MBeanServer; if not it throws an exception.

Currently we allow all access to non-AMX MBeans. This permits, for example, the normal operations to view JVM performance characteristics. If the attempted access concerns an AMX MBean and we're running in the DAS then we allow it - it's OK to adjust configuration via JMX to the DAS. But if this is a non-DAS instance we make sure the operation on the AMX MBean is read-only before allowing it.

Author:

tjquinn

Constructor Summary

Constructors

Constructor and Description
AdminAuthorizedMBeanServer()

Method Summary

Modifier and Type	Method and Description
static MBeanServerForwarder	newInstance(MBeanServer mbs, boolean isInstance) Returns an MBeanServer that will check security and then forward requests to the real MBeanServer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AdminAuthorizedMBeanServer

public AdminAuthorizedMBeanServer()

Method Detail

newInstance

public static MBeanServerForwarder newInstance(MBeanServer mbs,
                                               boolean isInstance)

Returns an MBeanServer that will check security and then forward requests to the real MBeanServer.

Parameters:

mbs - the real MBeanServer to which to delegate

isInstance -

Returns:

the security-checking wrapper around the MBeanServer