Package io.hawt.jmx

Interface JMXSecurityMBean

  • All Known Implementing Classes:
    JMXSecurity
    public interface JMXSecurityMBean
    Snagged from Apache Karaf 3.x

    Security MBean. This MBean can be used to find out whether the currently logged in user can access certain MBeans or invoke operations on these MBeans. It can be used when building client-facing consoles to ensure that only operations appropriate for the current user are presented.

    This MBean does not actually invoke any operations on the given objects, it only checks permissions.

    • Method Detail

      • canInvoke

        boolean canInvoke​(String objectName)
           throws Exception
        Checks whether the current user can invoke any methods on a JMX MBean.
        Parameters:
        objectName - The Object Name of the JMX MBean.
        Returns:
        true if there is at least one method on the MBean that the user can invoke.
        Throws:
        Exception

      • canInvoke

        boolean canInvoke​(String objectName,
                  String methodName)
           throws Exception
        Checks whether the current user can invoke any overload of the given method.
        Parameters:
        objectName - The Object Name of the JMX MBean.
        methodName - The name of the method to check.
        Returns:
        true if there is an overload of the specified method that the user can invoke.
        Throws:
        Exception

      • canInvoke

        boolean canInvoke​(String objectName,
                  String methodName,
                  String[] argumentTypes)
           throws Exception
        Checks whether the current user can invoke the given method.
        Parameters:
        objectName - The Object Name of the JMX MBean.
        methodName - The name of the method to check.
        argumentTypes - The argument types of to method.
        Returns:
        true if the user is allowed to invoke the method, or any of the methods with the given name if null is used for the arguments. There may still be certain values that the user does not have permission to pass to the method.
        Throws:
        Exception

      • canInvoke

        TabularData canInvoke​(Map<String,​List<String>> bulkQuery)
               throws Exception
        Bulk operation to check whether the current user can access the requested MBeans or invoke the requested methods.
        Parameters:
        bulkQuery - A map of Object Name to requested operations. Operations can be specified with or without arguments types. An operation without arguments matches any overloaded method with this name. If an empty list is provided for the operation names, a check is done whether the current user can invoke any operation on the MBean.

        Example: 

        
                                   Map<String, List<String>> query = new HashMap<>();
                                   String objectName = "org.acme:type=SomeMBean";
                                   query.put(objectName, Arrays.asList(
                                       "testMethod(long,java.lang.String)", // check this testMethod
                                       "otherMethod"));                     // check any overload of otherMethod
                                   query.put("org.acme:type=SomeOtherMBean",
                                       Collections.<String>emptyList());    // check any method of SomeOtherMBean
                                   TabularData result = mb.canInvoke(query);
        Returns:
        A Tabular Data object with the result. This object conforms the structure as defined in CAN_INVOKE_TABULAR_TYPE.
        Throws:
        Exception