/** * Authorize execution of a method on the MBeanServer which does not take an MBean ObjectName * as its first argument. The whitelisted methods that match this criteria are generally * descriptive methods concerned with the MBeanServer itself, rather than with any particular * set of MBeans managed by the server and so we check the DESCRIBE permission on the root * JMXResource (representing the MBeanServer) * * @param subject * @param methodName * @return the result of the method invocation, if authorized * @throws Throwable * @throws SecurityException if authorization fails */ private boolean authorizeMBeanServerMethod(RoleResource subject, String methodName) { logger.trace("JMX invocation of {} on MBeanServer requires permission {}", methodName, Permission.DESCRIBE); return (MBEAN_SERVER_METHOD_WHITELIST.contains(methodName) && hasPermission(subject, Permission.DESCRIBE, JMXResource.root())); }
/** * Authorize execution of a method on the MBeanServer which does not take an MBean ObjectName * as its first argument. The whitelisted methods that match this criteria are generally * descriptive methods concerned with the MBeanServer itself, rather than with any particular * set of MBeans managed by the server and so we check the DESCRIBE permission on the root * JMXResource (representing the MBeanServer) * * @param subject * @param methodName * @return the result of the method invocation, if authorized * @throws Throwable * @throws SecurityException if authorization fails */ private boolean authorizeMBeanServerMethod(RoleResource subject, String methodName) { logger.trace("JMX invocation of {} on MBeanServer requires permission {}", methodName, Permission.DESCRIBE); return (MBEAN_SERVER_METHOD_WHITELIST.contains(methodName) && hasPermission(subject, Permission.DESCRIBE, JMXResource.root())); }
/** * Authorize execution of a method on the MBeanServer which does not take an MBean ObjectName * as its first argument. The whitelisted methods that match this criteria are generally * descriptive methods concerned with the MBeanServer itself, rather than with any particular * set of MBeans managed by the server and so we check the DESCRIBE permission on the root * JMXResource (representing the MBeanServer) * * @param subject * @param methodName * @return the result of the method invocation, if authorized * @throws Throwable * @throws SecurityException if authorization fails */ private boolean authorizeMBeanServerMethod(RoleResource subject, String methodName) { logger.trace("JMX invocation of {} on MBeanServer requires permission {}", methodName, Permission.DESCRIBE); return (MBEAN_SERVER_METHOD_WHITELIST.contains(methodName) && hasPermission(subject, Permission.DESCRIBE, JMXResource.root())); }