Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.servicemix.jbi.jmx
Class PasswordAuthenticator

java.lang.Object
  extended by org.apache.servicemix.jbi.jmx.PasswordAuthenticator
All Implemented Interfaces:
JMXAuthenticator
public class PasswordAuthenticator
extends Object
implements JMXAuthenticator

Implementation of the JMXAuthenticator interface to be used on server side to secure access to JMXConnectorServers.
Usage: 

 JMXAuthenticator authenticator = new PasswordAuthenticator(new File("users.properties"));
 Map environment = new HashMap();
 environment.put(JMXConnectorServer.AUTHENTICATOR, authenticator);
 JMXServiceURL address = new JMXServiceURL("rmi", "localhost", 0);
 MBeanServer server = ...;
 JMXConnectorServer cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(address, environment, server);
The format of the users.properties file is that of a standard properties file:
<user>=<password>
where <password> can be stored in 2 ways: The obfuscated form can be obtained running this class as a main class: 
 java -cp mx4j-remote.jar mx4j.tools.remote.PasswordAuthenticator
and following the instructions printed on the console. The output will be a string that should be copy/pasted as the password into the properties file.
The obfuscated password is obtained by digesting the clear text password using a MessageDigest algorithm, and then by Base64-encoding the resulting bytes.

On client side, you are allowed to connect to a server side secured with the PasswordAuthenticator only if you provide the correct credentials: 
 String[] credentials = new String[2];
 // The user will travel as clear text
 credentials[0] = "user";
 // You may send the password in clear text, but it's better to obfuscate it
 credentials[1] = PasswordAuthenticator.obfuscatePassword("password");
 Map environment = new HashMap();
 environment.put(JMXConnector.CREDENTIALS, credentials);
 JMXServiceURL address = ...;
 JMXConnector cntor = JMXConnectorFactory.connect(address, environment);
Note that obfuscating the passwords only works if the server side has been setup with the PasswordAuthenticator. However, the PasswordAuthenticator can be used with other JSR 160 implementations, such as Sun's reference implementation.

Version:
$Revision: 1.3 $

Constructor Summary
PasswordAuthenticator(File passwordFile)
          Creates a new PasswordAuthenticator that reads user/password pairs from the specified properties file.
PasswordAuthenticator(InputStream is)
          Creates a new PasswordAuthenticator that reads user/password pairs from the specified InputStream.
 
Method Summary
 Subject authenticate(Object credentials)
           
static void main(String[] args)
          Runs this class as main class to obfuscate passwords.
static String obfuscatePassword(String password)
          Obfuscates the given password using MD5 as digest algorithm
static String obfuscatePassword(String password, String algorithm)
          Obfuscates the given password using the given digest algorithm.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PasswordAuthenticator

public PasswordAuthenticator(File passwordFile)
                      throws IOException
Creates a new PasswordAuthenticator that reads user/password pairs from the specified properties file. The file format is described in the javadoc of this class.

Throws:
IOException
See Also:
obfuscatePassword(java.lang.String)

PasswordAuthenticator

public PasswordAuthenticator(InputStream is)
                      throws IOException
Creates a new PasswordAuthenticator that reads user/password pairs from the specified InputStream. The file format is described in the javadoc of this class.

Throws:
IOException
See Also:
obfuscatePassword(java.lang.String)
Method Detail

main

public static void main(String[] args)
                 throws Exception
Runs this class as main class to obfuscate passwords. When no arguments are provided, it prints out the usage.

Throws:
Exception
See Also:
obfuscatePassword(java.lang.String,java.lang.String)

obfuscatePassword

public static String obfuscatePassword(String password)
Obfuscates the given password using MD5 as digest algorithm

See Also:
obfuscatePassword(java.lang.String,java.lang.String)

obfuscatePassword

public static String obfuscatePassword(String password,
                                       String algorithm)
Obfuscates the given password using the given digest algorithm.
Obfuscation consists of 2 steps: first the clear text password is digested using the specified algorithm, then the resulting bytes are Base64-encoded.
For example, the obfuscated version of the password "password" is "OBF(MD5):X03MO1qnZdYdgyfeuILPmQ==" or "OBF(SHA-1):W6ph5Mm5Pz8GgiULbPgzG37mj9g=".
OBF stands for "obfuscated", in parenthesis the algorithm used to digest the password.

authenticate

public Subject authenticate(Object credentials)
                     throws SecurityException
Specified by:
authenticate in interface JMXAuthenticator
Throws:
SecurityException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005-2008 Apache Software Foundation. All Rights Reserved.