add secure username and password options to jmx driver

driver-jmx/src/main/java/io/nosqlbench/driver/jmx/ReadyJmxOp.java

@@ -13,6 +13,7 @@ import javax.management.remote.JMXConnectorFactory;
 import javax.management.remote.JMXServiceURL;
 import java.io.IOException;
 import java.net.MalformedURLException;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.Optional;
 
@@ -35,7 +36,7 @@ public class ReadyJmxOp {
         ObjectName objectName = null;
         try {
             String object = cmdmap.get("object");
-            if (object==null) {
+            if (object == null) {
                 throw new RuntimeException("You must specify an object name for any JMX operation.");
             }
             objectName = new ObjectName(object);
@@ -46,9 +47,9 @@ public class ReadyJmxOp {
         if (cmdmap.containsKey(JMXReadOperation.READVAR)) {
             return new JMXReadOperation(connector, objectName, cmdmap.get(JMXReadOperation.READVAR), cmdmap);
         } else if (cmdmap.containsKey(JMXPrintOperation.PRINTVAR)) {
-            return new JMXPrintOperation(connector,objectName, cmdmap.get(JMXPrintOperation.PRINTVAR), cmdmap);
+            return new JMXPrintOperation(connector, objectName, cmdmap.get(JMXPrintOperation.PRINTVAR), cmdmap);
         } else if (cmdmap.containsKey(JMXExplainOperation.EXPLAIN)) {
-            return new JMXExplainOperation(connector,objectName);
+            return new JMXExplainOperation(connector, objectName);
         }
 
         throw new RuntimeException("No valid form of JMX operation was determined from the provided command details:" + cmdmap.toString());
@@ -56,10 +57,19 @@ public class ReadyJmxOp {
 
     private JMXConnector bindConnector(Map<String, String> cmdmap) {
 
+        Map<String, Object> connectorEnv = new HashMap<>();
+        String username = cmdmap.remove("username");
+        String password = cmdmap.remove("password");
+        username = SecureUtils.readSecret("JMX username", username);
+        password = SecureUtils.readSecret("JMX password", password);
+        if (username != null && password != null) {
+            connectorEnv.put(JMXConnector.CREDENTIALS, new String[]{username, password});
+        }
+
         JMXConnector connector = null;
         try {
             JMXServiceURL url = bindJMXServiceURL(cmdmap);
-            connector = JMXConnectorFactory.connect(url);
+            connector = JMXConnectorFactory.connect(url, connectorEnv);
         } catch (IOException e) {
             e.printStackTrace();
         }

driver-jmx/src/main/java/io/nosqlbench/driver/jmx/SecureUtils.java

@@ -0,0 +1,51 @@
+package io.nosqlbench.driver.jmx;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+
+public class SecureUtils {
+    private final static Logger logger = LoggerFactory.getLogger(SecureUtils.class);
+
+    public static String readSecret(String description, String source) {
+        if (source==null) {
+            return null;
+        }
+
+        if (source.startsWith("file:")) {
+            String sourceFile = source.substring("file:".length());
+            try {
+                return Files.readString(Path.of(sourceFile), StandardCharsets.UTF_8);
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }
+        } else if (source.startsWith("console:")||source.equals("")) {
+            System.out.println("")
+            StringBuilder sb = new StringBuilder();
+            char in=0;
+            while (true) {
+                try {
+                    in= (char)System.in.read();
+                } catch (IOException e) {
+                    throw new RuntimeException(e);
+                }
+                if (in!='\n' && in!='\r') {
+                    sb.append(in);
+                } else {
+                    break;
+                }
+            }
+            return sb.toString();
+
+
+        } else {
+            logger.warn("Parameter for '" + description + "' was passed directly. This is less secure." +
+                    " Consider using 'file:<file>' or 'console:' for this value instead");
+            return source;
+        }
+    }
+}

driver-jmx/src/main/resources/jmx.md

@@ -13,9 +13,14 @@ In the first version of this driver, only reads are supported.
 
 JMX transports can be configured in a myriad of ways. The options below allow you to add
 connection options such as SSL and authentication.
-
-- **ssl** - Use SSL settings provided. Thes SSL settings are from the NoSQLBench standard
-  SSL support
+- **username** - The username to authenticate to the JMX server as. This can be specifed as the
+  actual username to use, or 'file:...' to indicate a filename to load the user name from, or as
+   'console:' to force the user name to be prompted for on the console. If an empty value is provided,
+   then the console is used by default.
+- **password** - The password to authentiate to the JMX server with. This can be specifed as the
+  actual password to use, or 'file:...' to indicate a filename to load the user name from, or as
+  'console:' to force the user name to be prompted for on the console. If an empty value is provided,
+   then the console is used by default.
 
 # Example Operations