cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authentication and authorization for a custom connector

Former Member

on ‎07-05-2004 3:29 PM

0 Kudos

I have the following problem: I have a software which tries to connect with the server through its own custom RMI connector.

So I have the RMI Connector deployed via Mlet-Service. I have written a small TestClient and can get a RemoteMBeanServer with RemoteMBeanServer rs = getRemoteMBeanServer(), but if I try to call something like rs.getMBeanCount() I get :

com.sap.engine.services.jmx.exception.JmxSecurityException: Caller Guest not authorized, only role administrators is allowed to access JMX

So the WebAS considers someone who tries to connect with this connector as guest. How do can I get authentication and autorization to access the JMX parts? The manual seems only to cover JSP and webapplications, where it is possible to configure a role for them. I only have this connector.jar, configuration and mlet-file.

I still have the option to use JAAS authentication with this connector, then I have to configure it differently and, the more difficult, to implemend

a method "public Subject authenticate(Object credentials)" where credentials are two Strings with user and passwd. But I am not quite sure how to fill the Subject with useful information.

Thanks in advance

Nils

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎05-31-2005 10:15 AM
0 Kudos

Jmx is secured resource and only administrator role user

can access it.

If your code is running in a servlet you can define

the servlet to run as administrator

1. Add in the web.xml

<security-role>

<role-name>AnyName</role-name>

</security-role>

2. Add in the web-j2ee-engine.xml

security-role-map>

<role-name>AnyName</role-name>

<server-role-name>administrators</server-role-name>

</security-role-map>

If you are runnig from a remote client you just have to

Properties connectionProperties = new Properties();

connectionProperties.setProperty(

Context.INITIAL_CONTEXT_FACTORY,

"com.sap.engine.services.jndi.InitialContextFactoryImpl");

connectionProperties.setProperty

(Context.PROVIDER_URL, "<host:p4port>");

connectionProperties.setProperty

(Context.SECURITY_PRINCIPAL, "<ADMIN USER>");

connectionProperties.setProperty

(Context.SECURITY_CREDENTIALS, "<PASSWORD>");

MBeanServerConnection mbsc =

JmxConnectionFactory.getMBeanServerConnection(

JmxConnectionFactory.PROTOCOL_ENGINE_P4,

connectionProperties);

Show replies
Show replies
Ask a Question