IntenseFinance/nosqlbench
3
0
Fork 0
mirror of https://github.com/nosqlbench/nosqlbench.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

add secure username and password options to jmx driver

Browse Source
This commit is contained in:
Jonathan Shook 2020-07-15 12:33:17 -05:00
parent 1cc9d209d0
commit 9d2e808664
3 changed files with 73 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
driver-jmx/src/main/java/io/nosqlbench/driver/jmx/ReadyJmxOp.java
View File

@ -13,6 +13,7 @@ import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL; import javax.management.remote.JMXServiceURL;
import java.io.IOException; import java.io.IOException;
import java.net.MalformedURLException; import java.net.MalformedURLException;
import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.Optional; import java.util.Optional;
@ -35,7 +36,7 @@ public class ReadyJmxOp {
ObjectName objectName = null; ObjectName objectName = null;
try { try {
String object = cmdmap.get("object"); String object = cmdmap.get("object");
if (object==null) { if (object == null) {
throw new RuntimeException("You must specify an object name for any JMX operation."); throw new RuntimeException("You must specify an object name for any JMX operation.");
} }
objectName = new ObjectName(object); objectName = new ObjectName(object);
@ -46,9 +47,9 @@ public class ReadyJmxOp {
if (cmdmap.containsKey(JMXReadOperation.READVAR)) { if (cmdmap.containsKey(JMXReadOperation.READVAR)) {
return new JMXReadOperation(connector, objectName, cmdmap.get(JMXReadOperation.READVAR), cmdmap); return new JMXReadOperation(connector, objectName, cmdmap.get(JMXReadOperation.READVAR), cmdmap);
} else if (cmdmap.containsKey(JMXPrintOperation.PRINTVAR)) { } else if (cmdmap.containsKey(JMXPrintOperation.PRINTVAR)) {
return new JMXPrintOperation(connector,objectName, cmdmap.get(JMXPrintOperation.PRINTVAR), cmdmap); return new JMXPrintOperation(connector, objectName, cmdmap.get(JMXPrintOperation.PRINTVAR), cmdmap);
} else if (cmdmap.containsKey(JMXExplainOperation.EXPLAIN)) { } else if (cmdmap.containsKey(JMXExplainOperation.EXPLAIN)) {
return new JMXExplainOperation(connector,objectName); return new JMXExplainOperation(connector, objectName);
} }
throw new RuntimeException("No valid form of JMX operation was determined from the provided command details:" + cmdmap.toString()); throw new RuntimeException("No valid form of JMX operation was determined from the provided command details:" + cmdmap.toString());
@ -56,10 +57,19 @@ public class ReadyJmxOp {
private JMXConnector bindConnector(Map<String, String> cmdmap) { private JMXConnector bindConnector(Map<String, String> cmdmap) {
Map<String, Object> connectorEnv = new HashMap<>();
String username = cmdmap.remove("username");
String password = cmdmap.remove("password");
username = SecureUtils.readSecret("JMX username", username);
password = SecureUtils.readSecret("JMX password", password);
if (username != null && password != null) {
connectorEnv.put(JMXConnector.CREDENTIALS, new String[]{username, password});
}
JMXConnector connector = null; JMXConnector connector = null;
try { try {
JMXServiceURL url = bindJMXServiceURL(cmdmap); JMXServiceURL url = bindJMXServiceURL(cmdmap);
connector = JMXConnectorFactory.connect(url); connector = JMXConnectorFactory.connect(url, connectorEnv);
} catch (IOException e) { } catch (IOException e) {
e.printStackTrace(); e.printStackTrace();
} }

51
driver-jmx/src/main/java/io/nosqlbench/driver/jmx/SecureUtils.java Normal file
View File

@ -0,0 +1,51 @@
package io.nosqlbench.driver.jmx;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
public class SecureUtils {
private final static Logger logger = LoggerFactory.getLogger(SecureUtils.class);
public static String readSecret(String description, String source) {
if (source==null) {
return null;
}
if (source.startsWith("file:")) {
String sourceFile = source.substring("file:".length());
try {
return Files.readString(Path.of(sourceFile), StandardCharsets.UTF_8);
} catch (IOException e) {
throw new RuntimeException(e);
}
} else if (source.startsWith("console:")||source.equals("")) {
System.out.println("")
StringBuilder sb = new StringBuilder();
char in=0;
while (true) {
try {
in= (char)System.in.read();
} catch (IOException e) {
throw new RuntimeException(e);
}
if (in!='\n' && in!='\r') {
sb.append(in);
} else {
break;
}
}
return sb.toString();
} else {
logger.warn("Parameter for '" + description + "' was passed directly. This is less secure." +
" Consider using 'file:<file>' or 'console:' for this value instead");
return source;
}
}
}

11
driver-jmx/src/main/resources/jmx.md
View File

@ -13,9 +13,14 @@ In the first version of this driver, only reads are supported.
JMX transports can be configured in a myriad of ways. The options below allow you to add JMX transports can be configured in a myriad of ways. The options below allow you to add
connection options such as SSL and authentication. connection options such as SSL and authentication.
- **username** - The username to authenticate to the JMX server as. This can be specifed as the
- **ssl** - Use SSL settings provided. Thes SSL settings are from the NoSQLBench standard actual username to use, or 'file:...' to indicate a filename to load the user name from, or as
SSL support 'console:' to force the user name to be prompted for on the console. If an empty value is provided,
then the console is used by default.
- **password** - The password to authentiate to the JMX server with. This can be specifed as the
actual password to use, or 'file:...' to indicate a filename to load the user name from, or as
'console:' to force the user name to be prompted for on the console. If an empty value is provided,
then the console is used by default.
# Example Operations # Example Operations