diff --git a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnection.java b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnection.java
index dd9175e888f..5ce708ed43a 100644
--- a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnection.java
+++ b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnection.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -81,6 +81,11 @@ import javax.security.auth.Subject;
* of a method is not specified here, it is the same as in the
* corresponding MBeanServerConnection method.
*
+ * JMX Subject Delegation has been removed. All methods that take a
+ * {@code delegationSubject} parameter will throw {@code UnsupportedOperationException}
+ * if it is non-null. This parameter is kept for interoperability with older
+ * remote clients.
+ *
* @since 1.5
*/
/*
@@ -123,9 +128,7 @@ public interface RMIConnection extends Closeable, Remote {
*
* @param className The class name of the MBean to be instantiated.
* @param name The object name of the MBean. May be null.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return An ObjectInstance, containing the
* ObjectName and the Java class name of the newly
@@ -152,9 +155,10 @@ public interface RMIConnection extends Closeable, Remote {
* passed in parameter is null, the ObjectName passed
* in parameter contains a pattern or no ObjectName
* is specified for the MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -175,9 +179,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param className The class name of the MBean to be instantiated.
* @param name The object name of the MBean. May be null.
* @param loaderName The object name of the class loader to be used.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return An ObjectInstance, containing the
* ObjectName and the Java class name of the newly
@@ -206,9 +208,10 @@ public interface RMIConnection extends Closeable, Remote {
* passed in parameter is null, the ObjectName passed
* in parameter contains a pattern or no ObjectName
* is specified for the MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -238,9 +241,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param signature An array containing the signature of the
* constructor to be invoked. Can be null, equivalent to an empty
* array.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return An ObjectInstance, containing the
* ObjectName and the Java class name of the newly
@@ -267,9 +268,10 @@ public interface RMIConnection extends Closeable, Remote {
* passed in parameter is null, the ObjectName passed
* in parameter contains a pattern, or no ObjectName
* is specified for the MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -301,9 +303,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param signature An array containing the signature of the
* constructor to be invoked. Can be null, equivalent to an empty
* array.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return An ObjectInstance, containing the
* ObjectName and the Java class name of the newly
@@ -332,9 +332,10 @@ public interface RMIConnection extends Closeable, Remote {
* passed in parameter is null, the ObjectName passed
* in parameter contains a pattern, or no ObjectName
* is specified for the MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -356,9 +357,7 @@ public interface RMIConnection extends Closeable, Remote {
* {@link javax.management.MBeanServerConnection#unregisterMBean(ObjectName)}.
*
* @param name The object name of the MBean to be unregistered.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException The MBean specified is not
* registered in the MBean server.
@@ -370,9 +369,10 @@ public interface RMIConnection extends Closeable, Remote {
* name in parameter is null or the MBean you are when trying to
* unregister is the {@link javax.management.MBeanServerDelegate
* MBeanServerDelegate} MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public void unregisterMBean(ObjectName name, Subject delegationSubject)
throws
@@ -385,9 +385,7 @@ public interface RMIConnection extends Closeable, Remote {
* {@link javax.management.MBeanServerConnection#getObjectInstance(ObjectName)}.
*
* @param name The object name of the MBean.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return The ObjectInstance associated with the MBean
* specified by name. The contained ObjectName
@@ -399,9 +397,11 @@ public interface RMIConnection extends Closeable, Remote {
* @throws RuntimeOperationsException Wraps a
* java.lang.IllegalArgumentException: The object
* name in parameter is null.
- * @throws SecurityException if the client, or the delegated Subject
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* if any, does not have permission to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public ObjectInstance getObjectInstance(ObjectName name,
Subject delegationSubject)
@@ -420,17 +420,16 @@ public interface RMIConnection extends Closeable, Remote {
* MBeans, encapsulated into a MarshalledObject. If
* the MarshalledObject encapsulates a null value no
* query expression will be applied for selecting MBeans.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return A set containing the ObjectInstance
* objects for the selected MBeans. If no MBean satisfies the
* query an empty list is returned.
*
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public Set
queryMBeans(ObjectName name,
@@ -451,17 +450,16 @@ public interface RMIConnection extends Closeable, Remote {
* MBeans, encapsulated into a MarshalledObject. If
* the MarshalledObject encapsulates a null value no
* query expression will be applied for selecting MBeans.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return A set containing the ObjectNames for the MBeans
* selected. If no MBean satisfies the query, an empty list is
* returned.
*
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public Set
queryNames(ObjectName name,
@@ -474,9 +472,7 @@ public interface RMIConnection extends Closeable, Remote {
* {@link javax.management.MBeanServerConnection#isRegistered(ObjectName)}.
*
* @param name The object name of the MBean to be checked.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return True if the MBean is already registered in the MBean
* server, false otherwise.
@@ -484,9 +480,10 @@ public interface RMIConnection extends Closeable, Remote {
* @throws RuntimeOperationsException Wraps a
* java.lang.IllegalArgumentException: The object
* name in parameter is null.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public boolean isRegistered(ObjectName name, Subject delegationSubject)
throws IOException;
@@ -495,15 +492,14 @@ public interface RMIConnection extends Closeable, Remote {
* Handles the method
* {@link javax.management.MBeanServerConnection#getMBeanCount()}.
*
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return the number of MBeans registered.
*
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public Integer getMBeanCount(Subject delegationSubject)
throws IOException;
@@ -517,9 +513,7 @@ public interface RMIConnection extends Closeable, Remote {
* attribute is to be retrieved.
* @param attribute A String specifying the name of the attribute
* to be retrieved.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return The value of the retrieved attribute.
*
@@ -538,9 +532,10 @@ public interface RMIConnection extends Closeable, Remote {
* null.
* @throws RuntimeMBeanException Wraps a runtime exception thrown
* by the MBean's getter.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #setAttribute
*/
@@ -562,9 +557,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param name The object name of the MBean from which the
* attributes are retrieved.
* @param attributes A list of the attributes to be retrieved.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return The list of the retrieved attributes.
*
@@ -575,9 +568,10 @@ public interface RMIConnection extends Closeable, Remote {
* @throws RuntimeOperationsException Wrap a
* java.lang.IllegalArgumentException: The object
* name in parameter is null or attributes in parameter is null.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #setAttributes
*/
@@ -600,9 +594,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param attribute The identification of the attribute to be set
* and the value it is to be set to, encapsulated into a
* MarshalledObject.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException The MBean specified is not
* registered in the MBean server.
@@ -619,9 +611,10 @@ public interface RMIConnection extends Closeable, Remote {
* java.lang.IllegalArgumentException: The object
* name in parameter is null or the attribute in parameter is
* null.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #getAttribute
*/
@@ -647,9 +640,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param attributes A list of attributes: The identification of
* the attributes to be set and the values they are to be set to,
* encapsulated into a MarshalledObject.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return The list of attributes that were set, with their new
* values.
@@ -661,9 +652,10 @@ public interface RMIConnection extends Closeable, Remote {
* @throws RuntimeOperationsException Wraps a
* java.lang.IllegalArgumentException: The object
* name in parameter is null or attributes in parameter is null.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #getAttributes
*/
@@ -693,9 +685,7 @@ public interface RMIConnection extends Closeable, Remote {
* class loader as the one used for loading the MBean on which the
* operation was invoked. Can be null, equivalent to an empty
* array.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return The object returned by the operation, which represents
* the result of invoking the operation on the MBean specified.
@@ -707,12 +697,13 @@ public interface RMIConnection extends Closeable, Remote {
* @throws ReflectionException Wraps a
* java.lang.Exception thrown while trying to invoke
* the method.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
* @throws RuntimeOperationsException Wraps an {@link
* IllegalArgumentException} when name or
* operationName is null.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public Object invoke(ObjectName name,
String operationName,
@@ -729,15 +720,14 @@ public interface RMIConnection extends Closeable, Remote {
* Handles the method
* {@link javax.management.MBeanServerConnection#getDefaultDomain()}.
*
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return the default domain.
*
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public String getDefaultDomain(Subject delegationSubject)
throws IOException;
@@ -746,15 +736,14 @@ public interface RMIConnection extends Closeable, Remote {
* Handles the method
* {@link javax.management.MBeanServerConnection#getDomains()}.
*
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return the list of domains.
*
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public String[] getDomains(Subject delegationSubject)
throws IOException;
@@ -764,9 +753,7 @@ public interface RMIConnection extends Closeable, Remote {
* {@link javax.management.MBeanServerConnection#getMBeanInfo(ObjectName)}.
*
* @param name The name of the MBean to analyze
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return An instance of MBeanInfo allowing the
* retrieval of all attributes and operations of this MBean.
@@ -777,12 +764,13 @@ public interface RMIConnection extends Closeable, Remote {
* not found.
* @throws ReflectionException An exception occurred when
* trying to invoke the getMBeanInfo of a Dynamic MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
* @throws RuntimeOperationsException Wraps a
* java.lang.IllegalArgumentException: The object
* name in parameter is null.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public MBeanInfo getMBeanInfo(ObjectName name, Subject delegationSubject)
throws
@@ -798,21 +786,20 @@ public interface RMIConnection extends Closeable, Remote {
*
* @param name The ObjectName of the MBean.
* @param className The name of the class.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @return true if the MBean specified is an instance of the
* specified class according to the rules above, false otherwise.
*
* @throws InstanceNotFoundException The MBean specified is not
* registered in the MBean server.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
* @throws RuntimeOperationsException Wraps a
* java.lang.IllegalArgumentException: The object
* name in parameter is null.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public boolean isInstanceOf(ObjectName name,
String className,
@@ -839,9 +826,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param handback The context to be sent to the listener when a
* notification is emitted, encapsulated into a
* MarshalledObject.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException The MBean name of the
* notification listener or of the notification broadcaster does
@@ -851,9 +836,10 @@ public interface RMIConnection extends Closeable, Remote {
* listener exists but does not implement the
* {@link javax.management.NotificationListener} interface,
* or name or listener is null.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #removeNotificationListener(ObjectName, ObjectName, Subject)
* @see #removeNotificationListener(ObjectName, ObjectName,
@@ -874,20 +860,19 @@ public interface RMIConnection extends Closeable, Remote {
* @param name The name of the MBean on which the listener should
* be removed.
* @param listener The object name of the listener to be removed.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException The MBean name provided
* does not match any of the registered MBeans.
* @throws ListenerNotFoundException The listener is not
* registered in the MBean.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
* @throws RuntimeOperationsException Wraps an {@link
* IllegalArgumentException} when name or
* listener is null.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #addNotificationListener
*/
@@ -915,21 +900,20 @@ public interface RMIConnection extends Closeable, Remote {
* was added, encapsulated into a MarshalledObject.
* @param handback The handback that was specified when the
* listener was added, encapsulated into a MarshalledObject.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException The MBean name provided
* does not match any of the registered MBeans.
* @throws ListenerNotFoundException The listener is not
* registered in the MBean, or it is not registered with the given
* filter and handback.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to perform this operation.
+ * @throws SecurityException if the client does not have permission
+ * to perform this operation.
* @throws IOException if a general communication exception occurred.
* @throws RuntimeOperationsException Wraps an {@link
* IllegalArgumentException} when name or
* listener is null.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*
* @see #addNotificationListener
*/
@@ -972,12 +956,7 @@ public interface RMIConnection extends Closeable, Remote {
* @param filters an array of marshalled representations of the
* NotificationFilters. Elements of this array can
* be null.
- * @param delegationSubjects the Subjects on behalf
- * of which the listeners are being added. Elements of this array
- * can be null. Also, the delegationSubjects
- * parameter itself can be null, which is equivalent to an array
- * of null values with the same size as the names and
- * filters arrays.
+ * @param delegationSubjects must be {@code null}.
*
* @return an array of listenerIDs identifying the
* local listeners. This array has the same number of elements as
@@ -993,9 +972,9 @@ public interface RMIConnection extends Closeable, Remote {
* @throws InstanceNotFoundException if one of the
* names does not correspond to any registered MBean.
* @throws SecurityException if, for one of the MBeans, the
- * client, or the delegated Subject if any, does not have
- * permission to add a listener.
+ * client does not have permission to add a listener.
* @throws IOException if a general communication exception occurred.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public Integer[] addNotificationListeners(ObjectName[] names,
MarshalledObject[] filters,
@@ -1022,9 +1001,7 @@ public interface RMIConnection extends Closeable, Remote {
* emitting the Notifications.
* @param listenerIDs the list of the IDs corresponding to the
* listeners to remove.
- * @param delegationSubject The Subject containing the
- * delegation principals or null if the authentication
- * principal is used instead.
+ * @param delegationSubject must be {@code null}.
*
* @throws InstanceNotFoundException if the given
* name does not correspond to any registered MBean.
@@ -1032,12 +1009,13 @@ public interface RMIConnection extends Closeable, Remote {
* not found on the server side. This exception can happen if the
* MBean discarded a listener for some reason other than a call to
* MBeanServer.removeNotificationListener.
- * @throws SecurityException if the client, or the delegated Subject
- * if any, does not have permission to remove the listeners.
+ * @throws SecurityException if the client does not have permission
+ * to remove the listeners.
* @throws IOException if a general communication exception occurred.
* @throws IllegalArgumentException if ObjectName or
* listenerIds is null or if listenerIds
* contains a null element.
+ * @throws UnsupportedOperationException if {@code delegationSubject} is non-null.
*/
public void removeNotificationListeners(ObjectName name,
Integer[] listenerIDs,
diff --git a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
index 43c22f34e31..6b901ea2638 100644
--- a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
+++ b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -52,7 +52,6 @@ import static javax.management.remote.rmi.RMIConnector.Util.cast;
import com.sun.jmx.remote.internal.ServerCommunicatorAdmin;
import com.sun.jmx.remote.internal.ServerNotifForwarder;
import com.sun.jmx.remote.security.JMXSubjectDomainCombiner;
-import com.sun.jmx.remote.security.SubjectDelegator;
import com.sun.jmx.remote.util.ClassLoaderWithRepository;
import com.sun.jmx.remote.util.ClassLogger;
import com.sun.jmx.remote.util.EnvHelp;
@@ -110,21 +109,13 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
this.connectionId = connectionId;
this.defaultClassLoader = defaultClassLoader;
- this.subjectDelegator = new SubjectDelegator();
this.subject = subject;
if (subject == null) {
this.acc = null;
- this.removeCallerContext = false;
} else {
- this.removeCallerContext =
- SubjectDelegator.checkRemoveCallerContext(subject);
- if (this.removeCallerContext) {
- this.acc =
- JMXSubjectDomainCombiner.getDomainCombinerContext(subject);
- } else {
- this.acc =
- JMXSubjectDomainCombiner.getContext(subject);
- }
+ // An authenticated Subject was provided.
+ // Subject Delegation has been removed.
+ this.acc = JMXSubjectDomainCombiner.getContext(subject);
}
this.mbeanServer = rmiServer.getMBeanServer();
@@ -236,6 +227,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
// MBeanServerConnection Wrapper
//-------------------------------------------------------------------------
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public ObjectInstance createMBean(String className,
ObjectName name,
Subject delegationSubject)
@@ -278,6 +270,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public ObjectInstance createMBean(String className,
ObjectName name,
ObjectName loaderName,
@@ -326,6 +319,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -386,6 +380,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public ObjectInstance createMBean(String className,
ObjectName name,
@@ -453,6 +448,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void unregisterMBean(ObjectName name, Subject delegationSubject)
throws
InstanceNotFoundException,
@@ -481,6 +477,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public ObjectInstance getObjectInstance(ObjectName name,
Subject delegationSubject)
throws
@@ -511,6 +508,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public Set
queryMBeans(ObjectName name,
@@ -546,6 +544,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public Set
queryNames(ObjectName name,
@@ -581,6 +580,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public boolean isRegistered(ObjectName name,
Subject delegationSubject) throws IOException {
try {
@@ -598,6 +598,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public Integer getMBeanCount(Subject delegationSubject)
throws IOException {
try {
@@ -619,6 +620,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public Object getAttribute(ObjectName name,
String attribute,
Subject delegationSubject)
@@ -656,6 +658,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public AttributeList getAttributes(ObjectName name,
String[] attributes,
Subject delegationSubject)
@@ -688,6 +691,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public void setAttribute(ObjectName name,
MarshalledObject attribute,
@@ -741,6 +745,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public AttributeList setAttributes(ObjectName name,
MarshalledObject attributes,
@@ -787,6 +792,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public Object invoke(ObjectName name,
String operationName,
@@ -844,6 +850,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public String getDefaultDomain(Subject delegationSubject)
throws IOException {
try {
@@ -865,6 +872,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public String[] getDomains(Subject delegationSubject) throws IOException {
try {
final Object params[] = new Object[] { };
@@ -885,6 +893,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public MBeanInfo getMBeanInfo(ObjectName name, Subject delegationSubject)
throws
InstanceNotFoundException,
@@ -920,6 +929,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public boolean isInstanceOf(ObjectName name,
String className,
Subject delegationSubject)
@@ -950,6 +960,8 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public Integer[] addNotificationListeners(ObjectName[] names,
MarshalledObject[] filters,
@@ -959,9 +971,10 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
if (names == null || filters == null) {
throw new IllegalArgumentException("Got null arguments.");
}
-
- Subject[] sbjs = (delegationSubjects != null) ? delegationSubjects :
- new Subject[names.length];
+ if (delegationSubjects != null) {
+ throw new UnsupportedOperationException("Subject Delegation has been removed.");
+ }
+ Subject[] sbjs = new Subject[names.length];
if (names.length != filters.length || filters.length != sbjs.length) {
final String msg =
"The value lengths of 3 parameters are not same.";
@@ -1037,6 +1050,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public void addNotificationListener(ObjectName name,
ObjectName listener,
@@ -1096,6 +1110,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void removeNotificationListeners(ObjectName name,
Integer[] listenerIDs,
Subject delegationSubject)
@@ -1137,6 +1152,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void removeNotificationListener(ObjectName name,
ObjectName listener,
Subject delegationSubject)
@@ -1173,6 +1189,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("rawtypes") // MarshalledObject
public void removeNotificationListener(ObjectName name,
ObjectName listener,
@@ -1375,32 +1392,22 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
}
}
+ /** @throws UnsupportedOperationException {@inheritDoc} */
@SuppressWarnings("removal")
private Object doPrivilegedOperation(final int operation,
final Object[] params,
final Subject delegationSubject)
throws PrivilegedActionException, IOException {
+ // Subject Delegation is removed: locally this is caught earlier, in getMBeanServerConnection,
+ // but remote connections call into RMIConnectionImpl over RMI, so deny them here:
+ if (delegationSubject != null) {
+ throw new UnsupportedOperationException("Subject Delegation has been removed.");
+ }
serverCommunicatorAdmin.reqIncoming();
try {
-
- final AccessControlContext reqACC;
- if (delegationSubject == null)
- reqACC = acc;
- else {
- if (subject == null) {
- final String msg =
- "Subject delegation cannot be enabled unless " +
- "an authenticated subject is put in place";
- throw new SecurityException(msg);
- }
- reqACC = subjectDelegator.delegatedContext(
- acc, delegationSubject, removeCallerContext);
- }
-
- PrivilegedOperation op =
- new PrivilegedOperation(operation, params);
- if (reqACC == null) {
+ PrivilegedOperation op = new PrivilegedOperation(operation, params);
+ if (acc == null) {
try {
return op.run();
} catch (Exception e) {
@@ -1409,7 +1416,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
throw new PrivilegedActionException(e);
}
} else {
- return AccessController.doPrivileged(op, reqACC);
+ return AccessController.doPrivileged(op, acc);
}
} catch (Error e) {
throw new JMXServerErrorException(e.toString(),e);
@@ -1563,29 +1570,22 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
final Class wrappedClass,
Subject delegationSubject)
throws IOException {
+
+ // Subject Delegation is removed: locally this is caught earlier, in getMBeanServerConnection,
+ // but remote connections call into RMIConnectionImpl over RMI, so deny them here:
+ if (delegationSubject != null) {
+ throw new UnsupportedOperationException("Subject Delegation has been removed.");
+ }
if (mo == null) {
return null;
}
try {
final ClassLoader old = AccessController.doPrivileged(new SetCcl(cl));
try{
- final AccessControlContext reqACC;
- if (delegationSubject == null)
- reqACC = acc;
- else {
- if (subject == null) {
- final String msg =
- "Subject delegation cannot be enabled unless " +
- "an authenticated subject is put in place";
- throw new SecurityException(msg);
- }
- reqACC = subjectDelegator.delegatedContext(
- acc, delegationSubject, removeCallerContext);
- }
- if(reqACC != null){
+ if (acc != null) {
return AccessController.doPrivileged(
(PrivilegedExceptionAction) () ->
- wrappedClass.cast(mo.get()), reqACC);
+ wrappedClass.cast(mo.get()), acc);
}else{
return wrappedClass.cast(mo.get());
}
@@ -1704,10 +1704,6 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
private final Subject subject;
- private final SubjectDelegator subjectDelegator;
-
- private final boolean removeCallerContext;
-
@SuppressWarnings("removal")
private final AccessControlContext acc;
diff --git a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl_Stub.java b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl_Stub.java
index 4f51d1c25d2..8f72aba5fe6 100644
--- a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl_Stub.java
+++ b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl_Stub.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -114,6 +114,7 @@ public final class RMIConnectionImpl_Stub
// methods from remote interfaces
// implementation of addNotificationListener(ObjectName, ObjectName, MarshalledObject, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void addNotificationListener(javax.management.ObjectName $param_ObjectName_1, javax.management.ObjectName $param_ObjectName_2, java.rmi.MarshalledObject $param_MarshalledObject_3, java.rmi.MarshalledObject $param_MarshalledObject_4, javax.security.auth.Subject $param_Subject_5)
throws java.io.IOException, javax.management.InstanceNotFoundException {
try {
@@ -130,6 +131,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of addNotificationListeners(ObjectName[], MarshalledObject[], Subject[])
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.Integer[] addNotificationListeners(javax.management.ObjectName[] $param_arrayOf_ObjectName_1, java.rmi.MarshalledObject[] $param_arrayOf_MarshalledObject_2, javax.security.auth.Subject[] $param_arrayOf_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException {
try {
@@ -161,6 +163,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of createMBean(String, ObjectName, MarshalledObject, String[], Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.ObjectInstance createMBean(java.lang.String $param_String_1, javax.management.ObjectName $param_ObjectName_2, java.rmi.MarshalledObject $param_MarshalledObject_3, java.lang.String[] $param_arrayOf_String_4, javax.security.auth.Subject $param_Subject_5)
throws java.io.IOException, javax.management.InstanceAlreadyExistsException, javax.management.MBeanException, javax.management.MBeanRegistrationException, javax.management.NotCompliantMBeanException, javax.management.ReflectionException {
try {
@@ -184,6 +187,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of createMBean(String, ObjectName, ObjectName, MarshalledObject, String[], Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.ObjectInstance createMBean(java.lang.String $param_String_1, javax.management.ObjectName $param_ObjectName_2, javax.management.ObjectName $param_ObjectName_3, java.rmi.MarshalledObject $param_MarshalledObject_4, java.lang.String[] $param_arrayOf_String_5, javax.security.auth.Subject $param_Subject_6)
throws java.io.IOException, javax.management.InstanceAlreadyExistsException, javax.management.InstanceNotFoundException, javax.management.MBeanException, javax.management.MBeanRegistrationException, javax.management.NotCompliantMBeanException, javax.management.ReflectionException {
try {
@@ -209,6 +213,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of createMBean(String, ObjectName, ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.ObjectInstance createMBean(java.lang.String $param_String_1, javax.management.ObjectName $param_ObjectName_2, javax.management.ObjectName $param_ObjectName_3, javax.security.auth.Subject $param_Subject_4)
throws java.io.IOException, javax.management.InstanceAlreadyExistsException, javax.management.InstanceNotFoundException, javax.management.MBeanException, javax.management.MBeanRegistrationException, javax.management.NotCompliantMBeanException, javax.management.ReflectionException {
try {
@@ -234,6 +239,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of createMBean(String, ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.ObjectInstance createMBean(java.lang.String $param_String_1, javax.management.ObjectName $param_ObjectName_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceAlreadyExistsException, javax.management.MBeanException, javax.management.MBeanRegistrationException, javax.management.NotCompliantMBeanException, javax.management.ReflectionException {
try {
@@ -275,6 +281,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getAttribute(ObjectName, String, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.Object getAttribute(javax.management.ObjectName $param_ObjectName_1, java.lang.String $param_String_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.AttributeNotFoundException, javax.management.InstanceNotFoundException, javax.management.MBeanException, javax.management.ReflectionException {
try {
@@ -298,6 +305,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getAttributes(ObjectName, String[], Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.AttributeList getAttributes(javax.management.ObjectName $param_ObjectName_1, java.lang.String[] $param_arrayOf_String_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.ReflectionException {
try {
@@ -332,6 +340,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getDefaultDomain(Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.String getDefaultDomain(javax.security.auth.Subject $param_Subject_1)
throws java.io.IOException {
try {
@@ -347,6 +356,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getDomains(Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.String[] getDomains(javax.security.auth.Subject $param_Subject_1)
throws java.io.IOException {
try {
@@ -362,6 +372,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getMBeanCount(Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.Integer getMBeanCount(javax.security.auth.Subject $param_Subject_1)
throws java.io.IOException {
try {
@@ -377,6 +388,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getMBeanInfo(ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.MBeanInfo getMBeanInfo(javax.management.ObjectName $param_ObjectName_1, javax.security.auth.Subject $param_Subject_2)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.IntrospectionException, javax.management.ReflectionException {
try {
@@ -398,6 +410,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of getObjectInstance(ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.ObjectInstance getObjectInstance(javax.management.ObjectName $param_ObjectName_1, javax.security.auth.Subject $param_Subject_2)
throws java.io.IOException, javax.management.InstanceNotFoundException {
try {
@@ -415,6 +428,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of invoke(ObjectName, String, MarshalledObject, String[], Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.lang.Object invoke(javax.management.ObjectName $param_ObjectName_1, java.lang.String $param_String_2, java.rmi.MarshalledObject $param_MarshalledObject_3, java.lang.String[] $param_arrayOf_String_4, javax.security.auth.Subject $param_Subject_5)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.MBeanException, javax.management.ReflectionException {
try {
@@ -436,6 +450,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of isInstanceOf(ObjectName, String, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public boolean isInstanceOf(javax.management.ObjectName $param_ObjectName_1, java.lang.String $param_String_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException {
try {
@@ -453,6 +468,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of isRegistered(ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public boolean isRegistered(javax.management.ObjectName $param_ObjectName_1, javax.security.auth.Subject $param_Subject_2)
throws java.io.IOException {
try {
@@ -468,6 +484,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of queryMBeans(ObjectName, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.util.Set queryMBeans(javax.management.ObjectName $param_ObjectName_1, java.rmi.MarshalledObject $param_MarshalledObject_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException {
try {
@@ -483,6 +500,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of queryNames(ObjectName, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public java.util.Set queryNames(javax.management.ObjectName $param_ObjectName_1, java.rmi.MarshalledObject $param_MarshalledObject_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException {
try {
@@ -498,6 +516,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of removeNotificationListener(ObjectName, ObjectName, MarshalledObject, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void removeNotificationListener(javax.management.ObjectName $param_ObjectName_1, javax.management.ObjectName $param_ObjectName_2, java.rmi.MarshalledObject $param_MarshalledObject_3, java.rmi.MarshalledObject $param_MarshalledObject_4, javax.security.auth.Subject $param_Subject_5)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.ListenerNotFoundException {
try {
@@ -516,6 +535,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of removeNotificationListener(ObjectName, ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void removeNotificationListener(javax.management.ObjectName $param_ObjectName_1, javax.management.ObjectName $param_ObjectName_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.ListenerNotFoundException {
try {
@@ -534,6 +554,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of removeNotificationListeners(ObjectName, Integer[], Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void removeNotificationListeners(javax.management.ObjectName $param_ObjectName_1, java.lang.Integer[] $param_arrayOf_Integer_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.ListenerNotFoundException {
try {
@@ -552,6 +573,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of setAttribute(ObjectName, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void setAttribute(javax.management.ObjectName $param_ObjectName_1, java.rmi.MarshalledObject $param_MarshalledObject_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.AttributeNotFoundException, javax.management.InstanceNotFoundException, javax.management.InvalidAttributeValueException, javax.management.MBeanException, javax.management.ReflectionException {
try {
@@ -576,6 +598,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of setAttributes(ObjectName, MarshalledObject, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public javax.management.AttributeList setAttributes(javax.management.ObjectName $param_ObjectName_1, java.rmi.MarshalledObject $param_MarshalledObject_2, javax.security.auth.Subject $param_Subject_3)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.ReflectionException {
try {
@@ -595,6 +618,7 @@ public final class RMIConnectionImpl_Stub
}
// implementation of unregisterMBean(ObjectName, Subject)
+ /** @throws UnsupportedOperationException {@inheritDoc} */
public void unregisterMBean(javax.management.ObjectName $param_ObjectName_1, javax.security.auth.Subject $param_Subject_2)
throws java.io.IOException, javax.management.InstanceNotFoundException, javax.management.MBeanRegistrationException {
try {
diff --git a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnector.java b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnector.java
index be63d25a671..24b9f1055b7 100644
--- a/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnector.java
+++ b/src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnector.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -385,16 +385,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
return connection.getConnectionId();
}
- public synchronized MBeanServerConnection getMBeanServerConnection()
- throws IOException {
- return getMBeanServerConnection(null);
- }
-
- @SuppressWarnings("removal")
- public synchronized MBeanServerConnection
- getMBeanServerConnection(Subject delegationSubject)
- throws IOException {
-
+ public synchronized MBeanServerConnection getMBeanServerConnection() throws IOException {
if (terminated) {
if (logger.traceOn())
logger.trace("getMBeanServerConnection","[" + this.toString() +
@@ -406,8 +397,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
"] is not connected.");
throw new IOException("Not connected");
}
-
- return getConnectionWithSubject(delegationSubject);
+ return getConnection();
}
public void
@@ -516,10 +506,6 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
}
}
- // Clean up MBeanServerConnection table
- //
- rmbscMap.clear();
-
/* Send notification of closure. We don't do this if the user
* never called connect() on the connector, because there's no
* connection id in that case. */
@@ -563,12 +549,9 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ObjectName[] names = new ObjectName[] {name};
final MarshalledObject[] filters =
Util.cast(new MarshalledObject[] {filter});
- final Subject[] delegationSubjects = new Subject[] {
- delegationSubject
- };
final Integer[] listenerIDs =
- addListenersWithSubjects(names,filters,delegationSubjects,
+ addListenersWithSubjects(names,filters,null,
reconnect);
if (debug) logger.debug("addListenerWithSubject","listenerID="
@@ -594,7 +577,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
listenerIDs = connection.addNotificationListeners(names,
filters,
- delegationSubjects);
+ null);
} catch (NoSuchObjectException noe) {
// maybe reconnect
if (reconnect) {
@@ -602,7 +585,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listenerIDs = connection.addNotificationListeners(names,
filters,
- delegationSubjects);
+ null);
} else {
throw noe;
}
@@ -623,14 +606,8 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
// Implementation of MBeanServerConnection
//--------------------------------------------------------------------
private class RemoteMBeanServerConnection implements MBeanServerConnection {
- private Subject delegationSubject;
public RemoteMBeanServerConnection() {
- this(null);
- }
-
- public RemoteMBeanServerConnection(Subject delegationSubject) {
- this.delegationSubject = delegationSubject;
}
public ObjectInstance createMBean(String className,
@@ -650,13 +627,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
return connection.createMBean(className,
name,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
return connection.createMBean(className,
name,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -684,7 +661,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
return connection.createMBean(className,
name,
loaderName,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -692,7 +669,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
return connection.createMBean(className,
name,
loaderName,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
@@ -722,7 +699,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
name,
sParams,
signature,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -730,7 +707,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
name,
sParams,
signature,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -762,7 +739,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
loaderName,
sParams,
signature,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -771,7 +748,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
loaderName,
sParams,
signature,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -786,11 +763,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- connection.unregisterMBean(name, delegationSubject);
+ connection.unregisterMBean(name, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- connection.unregisterMBean(name, delegationSubject);
+ connection.unregisterMBean(name, null);
} finally {
popDefaultClassLoader(old);
}
@@ -804,11 +781,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.getObjectInstance(name, delegationSubject);
+ return connection.getObjectInstance(name, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.getObjectInstance(name, delegationSubject);
+ return connection.getObjectInstance(name, null);
} finally {
popDefaultClassLoader(old);
}
@@ -824,11 +801,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
new MarshalledObject(query);
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.queryMBeans(name, sQuery, delegationSubject);
+ return connection.queryMBeans(name, sQuery, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.queryMBeans(name, sQuery, delegationSubject);
+ return connection.queryMBeans(name, sQuery, null);
} finally {
popDefaultClassLoader(old);
}
@@ -844,11 +821,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
new MarshalledObject(query);
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.queryNames(name, sQuery, delegationSubject);
+ return connection.queryNames(name, sQuery, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.queryNames(name, sQuery, delegationSubject);
+ return connection.queryNames(name, sQuery, null);
} finally {
popDefaultClassLoader(old);
}
@@ -861,11 +838,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.isRegistered(name, delegationSubject);
+ return connection.isRegistered(name, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.isRegistered(name, delegationSubject);
+ return connection.isRegistered(name, null);
} finally {
popDefaultClassLoader(old);
}
@@ -877,11 +854,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.getMBeanCount(delegationSubject);
+ return connection.getMBeanCount(null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.getMBeanCount(delegationSubject);
+ return connection.getMBeanCount(null);
} finally {
popDefaultClassLoader(old);
}
@@ -902,13 +879,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
return connection.getAttribute(name,
attribute,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
return connection.getAttribute(name,
attribute,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -927,14 +904,14 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
return connection.getAttributes(name,
attributes,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
return connection.getAttributes(name,
attributes,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -958,11 +935,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
new MarshalledObject(attribute);
final ClassLoader old = pushDefaultClassLoader();
try {
- connection.setAttribute(name, sAttribute, delegationSubject);
+ connection.setAttribute(name, sAttribute, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- connection.setAttribute(name, sAttribute, delegationSubject);
+ connection.setAttribute(name, sAttribute, null);
} finally {
popDefaultClassLoader(old);
}
@@ -986,13 +963,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
return connection.setAttributes(name,
sAttributes,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
return connection.setAttributes(name,
sAttributes,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1021,7 +998,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
operationName,
sParams,
signature,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -1029,7 +1006,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
operationName,
sParams,
signature,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1042,11 +1019,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.getDefaultDomain(delegationSubject);
+ return connection.getDefaultDomain(null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.getDefaultDomain(delegationSubject);
+ return connection.getDefaultDomain(null);
} finally {
popDefaultClassLoader(old);
}
@@ -1057,11 +1034,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.getDomains(delegationSubject);
+ return connection.getDomains(null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.getDomains(delegationSubject);
+ return connection.getDomains(null);
} finally {
popDefaultClassLoader(old);
}
@@ -1076,11 +1053,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
if (logger.debugOn()) logger.debug("getMBeanInfo", "name=" + name);
final ClassLoader old = pushDefaultClassLoader();
try {
- return connection.getMBeanInfo(name, delegationSubject);
+ return connection.getMBeanInfo(name, null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
- return connection.getMBeanInfo(name, delegationSubject);
+ return connection.getMBeanInfo(name, null);
} finally {
popDefaultClassLoader(old);
}
@@ -1099,13 +1076,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
return connection.isInstanceOf(name,
className,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
return connection.isInstanceOf(name,
className,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1134,7 +1111,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listener,
sFilter,
sHandback,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -1142,7 +1119,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listener,
sFilter,
sHandback,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1163,13 +1140,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
connection.removeNotificationListener(name,
listener,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
connection.removeNotificationListener(name,
listener,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1200,7 +1177,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listener,
sFilter,
sHandback,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -1208,7 +1185,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listener,
sFilter,
sHandback,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1237,10 +1214,9 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final Integer listenerID =
addListenerWithSubject(name,
new MarshalledObject(filter),
- delegationSubject,true);
+ null, true);
rmiNotifClient.addNotificationListener(listenerID, name, listener,
- filter, handback,
- delegationSubject);
+ filter, handback);
}
public void removeNotificationListener(ObjectName name,
@@ -1267,13 +1243,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
connection.removeNotificationListeners(name,
ret,
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
connection.removeNotificationListeners(name,
ret,
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1309,13 +1285,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
try {
connection.removeNotificationListeners(name,
new Integer[] {ret},
- delegationSubject);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
connection.removeNotificationListeners(name,
new Integer[] {ret},
- delegationSubject);
+ null);
} finally {
popDefaultClassLoader(old);
}
@@ -1433,12 +1409,11 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
new ObjectName[] {MBeanServerDelegate.DELEGATE_NAME};
final MarshalledObject[] filters =
Util.cast(new MarshalledObject[] {sFilter});
- final Subject[] subjects = new Subject[] {null};
try {
listenerIDs =
connection.addNotificationListeners(names,
filters,
- subjects);
+ null);
} catch (IOException ioe) {
communicatorAdmin.gotIOException(ioe);
@@ -1446,7 +1421,7 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
listenerIDs =
connection.addNotificationListeners(names,
filters,
- subjects);
+ null);
}
return listenerIDs[0];
}
@@ -1564,7 +1539,6 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
ClientListenerInfo[] clis = new ClientListenerInfo[len];
- final Subject[] subjects = new Subject[len];
final ObjectName[] names = new ObjectName[len];
final NotificationListener[] listeners = new NotificationListener[len];
final NotificationFilter[] filters = new NotificationFilter[len];
@@ -1573,7 +1547,6 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
final Object[] handbacks = new Object[len];
for (i=0;i(filters[i]),
- subjects[i],
+ null,
false);
clis[j++] = new ClientListenerInfo(id,
names[i],
listeners[i],
filters[i],
- handbacks[i],
- subjects[i]);
+ handbacks[i]);
} catch (InstanceNotFoundException infe) {
logger.warning("reconnectNotificationListeners",
"Can't reconnect listener for " +
@@ -1745,7 +1716,6 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
// Initialization of transient variables.
private void initTransients() {
- rmbscMap = new WeakHashMap>();
connected = false;
terminated = false;
@@ -1893,21 +1863,13 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
private final ClassLoader loader;
}
- private MBeanServerConnection getConnectionWithSubject(Subject delegationSubject) {
+ private MBeanServerConnection getConnection() {
MBeanServerConnection conn = null;
- if (delegationSubject == null) {
- if (nullSubjectConnRef == null
- || (conn = nullSubjectConnRef.get()) == null) {
- conn = new RemoteMBeanServerConnection(null);
- nullSubjectConnRef = new WeakReference(conn);
- }
- } else {
- WeakReference wr = rmbscMap.get(delegationSubject);
- if (wr == null || (conn = wr.get()) == null) {
- conn = new RemoteMBeanServerConnection(delegationSubject);
- rmbscMap.put(delegationSubject, new WeakReference(conn));
- }
+ if (nullSubjectConnRef == null
+ || (conn = nullSubjectConnRef.get()) == null) {
+ conn = new RemoteMBeanServerConnection();
+ nullSubjectConnRef = new WeakReference(conn);
}
return conn;
}
@@ -2279,7 +2241,6 @@ public class RMIConnector implements JMXConnector, Serializable, JMXAddressable
private transient long clientNotifSeqNo = 0;
- private transient WeakHashMap> rmbscMap;
private transient WeakReference nullSubjectConnRef = null;
private transient RMINotifClient rmiNotifClient;
diff --git a/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientListenerInfo.java b/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientListenerInfo.java
index a1ab5db7999..4eb8fdfbd69 100644
--- a/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientListenerInfo.java
+++ b/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientListenerInfo.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,9 +29,6 @@ import javax.management.NotificationFilter;
import javax.management.NotificationListener;
import javax.management.ObjectName;
-import javax.security.auth.Subject;
-
-
/**
* An identified listener. A listener has an Integer id that is
* unique per connector server. It selects notifications based on the
@@ -43,14 +40,12 @@ public class ClientListenerInfo {
ObjectName name,
NotificationListener listener,
NotificationFilter filter,
- Object handback,
- Subject delegationSubject) {
+ Object handback) {
this.listenerID = listenerID;
this.name = name;
this.listener = listener;
this.filter = filter;
this.handback = handback;
- this.delegationSubject = delegationSubject;
}
public ObjectName getObjectName() {
@@ -73,11 +68,6 @@ public class ClientListenerInfo {
return handback;
}
- public Subject getDelegationSubject() {
- return delegationSubject;
- }
-
-
public boolean sameAs(ObjectName name) {
return (getObjectName().equals(name));
}
@@ -102,5 +92,4 @@ public class ClientListenerInfo {
private final NotificationListener listener;
private final Object handback;
- private final Subject delegationSubject;
}
diff --git a/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java b/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java
index 47677d47ade..471cccecc8a 100644
--- a/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java
+++ b/src/java.management/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -167,8 +167,7 @@ public abstract class ClientNotifForwarder {
ObjectName name,
NotificationListener listener,
NotificationFilter filter,
- Object handback,
- Subject delegationSubject)
+ Object handback)
throws IOException, InstanceNotFoundException {
if (logger.traceOn()) {
@@ -181,9 +180,7 @@ public abstract class ClientNotifForwarder {
name,
listener,
filter,
- handback,
- delegationSubject));
-
+ handback));
init(false);
}
diff --git a/src/java.management/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java b/src/java.management/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java
deleted file mode 100644
index f79af7e047f..00000000000
--- a/src/java.management/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.jmx.remote.security;
-
-import java.security.AccessController;
-import java.security.AccessControlContext;
-import java.security.Permission;
-import java.security.Principal;
-import java.security.PrivilegedAction;
-import javax.security.auth.Subject;
-
-import javax.management.remote.SubjectDelegationPermission;
-
-import java.util.*;
-
-public class SubjectDelegator {
- /* Return the AccessControlContext appropriate to execute an
- operation on behalf of the delegatedSubject. If the
- authenticatedAccessControlContext does not have permission to
- delegate to that subject, throw SecurityException. */
- @SuppressWarnings("removal")
- public AccessControlContext
- delegatedContext(AccessControlContext authenticatedACC,
- Subject delegatedSubject,
- boolean removeCallerContext)
- throws SecurityException {
-
- if (System.getSecurityManager() != null && authenticatedACC == null) {
- throw new SecurityException("Illegal AccessControlContext: null");
- }
-
- // Check if the subject delegation permission allows the
- // authenticated subject to assume the identity of each
- // principal in the delegated subject
- //
- Collection ps = getSubjectPrincipals(delegatedSubject);
- final Collection permissions = new ArrayList<>(ps.size());
- for(Principal p : ps) {
- final String pname = p.getClass().getName() + "." + p.getName();
- permissions.add(new SubjectDelegationPermission(pname));
- }
- PrivilegedAction action =
- new PrivilegedAction<>() {
- public Void run() {
- for (Permission sdp : permissions) {
- AccessController.checkPermission(sdp);
- }
- return null;
- }
- };
- AccessController.doPrivileged(action, authenticatedACC);
-
- return getDelegatedAcc(delegatedSubject, removeCallerContext);
- }
-
- @SuppressWarnings("removal")
- private AccessControlContext getDelegatedAcc(Subject delegatedSubject, boolean removeCallerContext) {
- if (removeCallerContext) {
- return JMXSubjectDomainCombiner.getDomainCombinerContext(delegatedSubject);
- } else {
- return JMXSubjectDomainCombiner.getContext(delegatedSubject);
- }
- }
-
- /**
- * Check if the connector server creator can assume the identity of each
- * principal in the authenticated subject, i.e. check if the connector
- * server creator codebase contains a subject delegation permission for
- * each principal present in the authenticated subject.
- *
- * @return {@code true} if the connector server creator can delegate to all
- * the authenticated principals in the subject. Otherwise, {@code false}.
- */
- @SuppressWarnings("removal")
- public static synchronized boolean
- checkRemoveCallerContext(Subject subject) {
- try {
- for (Principal p : getSubjectPrincipals(subject)) {
- final String pname =
- p.getClass().getName() + "." + p.getName();
- final Permission sdp =
- new SubjectDelegationPermission(pname);
- AccessController.checkPermission(sdp);
- }
- } catch (SecurityException e) {
- return false;
- }
- return true;
- }
-
- /**
- * Retrieves the {@linkplain Subject} principals
- * @param subject The subject
- * @return If the {@code Subject} is immutable it will return the principals directly.
- * If the {@code Subject} is mutable it will create an unmodifiable copy.
- */
- private static Collection getSubjectPrincipals(Subject subject) {
- if (subject.isReadOnly()) {
- return subject.getPrincipals();
- }
-
- List principals = Arrays.asList(subject.getPrincipals().toArray(new Principal[0]));
- return Collections.unmodifiableList(principals);
- }
-}
diff --git a/src/java.management/share/classes/javax/management/remote/JMXConnector.java b/src/java.management/share/classes/javax/management/remote/JMXConnector.java
index fcd7c443f7e..8618ffa94b0 100644
--- a/src/java.management/share/classes/javax/management/remote/JMXConnector.java
+++ b/src/java.management/share/classes/javax/management/remote/JMXConnector.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -115,12 +115,6 @@ public interface JMXConnector extends Closeable {
* {@link JMXServerErrorException}, which is seen by the
* client.
*
- * Calling this method is equivalent to calling
- * {@link #getMBeanServerConnection(Subject) getMBeanServerConnection(null)}
- * meaning that no delegation subject is specified and that all the
- * operations called on the MBeanServerConnection must
- * use the authenticated subject, if any.
- *
* @return an object that implements the
* MBeanServerConnection interface by forwarding its
* methods to the remote MBean server.
@@ -135,49 +129,37 @@ public interface JMXConnector extends Closeable {
throws IOException;
/**
- * Returns an MBeanServerConnection object representing
- * a remote MBean server on which operations are performed on behalf of
- * the supplied delegation subject. For a given JMXConnector
- * and Subject, two successful calls to this method will
- * usually return the same MBeanServerConnection object,
- * though this is not required.
+ * When {@code delegationSubject} is {@code null}, calling his method
+ * is equivalent to calling {@link #getMBeanServerConnection()}.
*
- *
For each method in the returned
- * MBeanServerConnection, calling the method causes
- * the corresponding method to be called in the remote MBean
- * server on behalf of the given delegation subject instead of the
- * authenticated subject. The value returned by the MBean server
- * method is the value returned to the client. If the MBean server
- * method produces an Exception, the same
- * Exception is seen by the client. If the MBean
- * server method, or the attempt to call it, produces an
- * Error, the Error is wrapped in a
- * {@link JMXServerErrorException}, which is seen by the
- * client.
+ * @implSpec The default implementation of this method throws
+ * {@code UnsupportedOperationException} if {@code delegationSubject} is
+ * non-null. Otherwise it calls {@link getMBeanServerConnection()}.
*
- * @param delegationSubject the Subject on behalf of
- * which requests will be performed. Can be null, in which case
- * requests will be performed on behalf of the authenticated
- * Subject, if any.
+ * @param delegationSubject must be {@code null}.
*
* @return an object that implements the MBeanServerConnection
- * interface by forwarding its methods to the remote MBean server on behalf
- * of a given delegation subject.
+ * interface by forwarding its methods to the remote MBean server.
*
* @exception IOException if a valid MBeanServerConnection
* cannot be created, for instance because the connection to the remote
* MBean server has not yet been established (with the {@link #connect(Map)
* connect} method), or it has been closed, or it has broken.
*
+ * @exception UnsupportedOperationException if {@code delegationSubject} is non-null.
+ *
* @deprecated This method supported the legacy Subject Delegation feature,
- * and is only useful in conjunction with other APIs which are deprecated and
- * subject to removal in a future release. Consequently, this method is also
- * deprecated and subject to removal. There is no replacement.
+ * which has been removed. There is no replacement.
*/
@Deprecated(since="21", forRemoval=true)
- public MBeanServerConnection getMBeanServerConnection(
- Subject delegationSubject)
- throws IOException;
+ public default MBeanServerConnection getMBeanServerConnection(Subject delegationSubject)
+ throws IOException {
+
+ if (delegationSubject != null) {
+ throw new UnsupportedOperationException("Subject Delegation has been removed.");
+ }
+ return getMBeanServerConnection();
+ }
/**
* Closes the client connection to its server. Any ongoing or new
diff --git a/test/jdk/ProblemList-Virtual.txt b/test/jdk/ProblemList-Virtual.txt
index 6461c3b4a61..c352e8a95c1 100644
--- a/test/jdk/ProblemList-Virtual.txt
+++ b/test/jdk/ProblemList-Virtual.txt
@@ -76,5 +76,4 @@ java/util/PluggableLocale/PermissionTest.java 0000000 generic-all
java/util/Properties/StoreReproducibilityTest.java 0000000 generic-all
java/util/Properties/StoreReproducibilityTest.java 0000000 generic-all
javax/management/ImplementationVersion/ImplVersionTest.java 0000000 generic-all
-javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java 0000000 generic-all
javax/management/remote/mandatory/version/ImplVersionTest.java 0000000 generic-all
diff --git a/test/jdk/ProblemList.txt b/test/jdk/ProblemList.txt
index 1864cc456d7..64dfa2224bb 100644
--- a/test/jdk/ProblemList.txt
+++ b/test/jdk/ProblemList.txt
@@ -534,8 +534,6 @@ javax/management/remote/mandatory/connection/RMIConnector_NPETest.java 8267887 g
javax/management/remote/mandatory/connection/BrokenConnectionTest.java 8262312 linux-all
-javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java 8149084 linux-aarch64
-
############################################################################
# jdk_net
diff --git a/test/jdk/javax/management/remote/mandatory/RemovedSubjectDelegation.java b/test/jdk/javax/management/remote/mandatory/RemovedSubjectDelegation.java
new file mode 100644
index 00000000000..8ba445a15b6
--- /dev/null
+++ b/test/jdk/javax/management/remote/mandatory/RemovedSubjectDelegation.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8326666
+ * @summary Test that Subject Delegation is removed.
+ * @modules java.management.rmi
+ * java.management/com.sun.jmx.remote.security
+ * @run main/othervm RemovedSubjectDelegation
+ */
+
+import java.lang.management.ManagementFactory;
+import java.rmi.RemoteException;
+import java.rmi.registry.LocateRegistry;
+import java.rmi.registry.Registry;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Properties;
+import javax.management.MBeanServer;
+import javax.management.MBeanServerConnection;
+import javax.management.remote.JMXConnector;
+import javax.management.remote.JMXConnectorFactory;
+import javax.management.remote.JMXConnectorServer;
+import javax.management.remote.JMXConnectorServerFactory;
+import javax.management.remote.JMXPrincipal;
+import javax.management.remote.JMXServiceURL;
+import javax.security.auth.Subject;
+
+public class RemovedSubjectDelegation {
+
+ public static void main(String[] args) throws Exception {
+ JMXConnectorServer jmxcs = null;
+ JMXConnector jmxc = null;
+ try {
+ // Create an RMI registry
+ //
+ System.out.println("Start RMI registry...");
+ Registry reg = null;
+ int port = 5900;
+ while (port++ < 5920) {
+ try {
+ reg = LocateRegistry.createRegistry(port);
+ System.out.println("RMI registry running on port " + port);
+ break;
+ } catch (RemoteException e) {
+ // Failed to create RMI registry...
+ System.out.println("Failed to create RMI registry " +
+ "on port " + port);
+ }
+ }
+ if (reg == null) {
+ throw new RuntimeException("Failed to create RMI registry.");
+ }
+ // Instantiate the MBean server
+ //
+ System.out.println("Create the MBean server");
+ MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
+ // Create an RMI connector server
+ //
+ System.out.println("Create an RMI connector server");
+ JMXServiceURL url = new JMXServiceURL("rmi", null, 0);
+ HashMap env = new HashMap();
+ jmxcs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
+ jmxcs.start();
+ // Create an RMI connector client
+ //
+ System.out.println("Create an RMI connector client");
+ // Not setting env with "jmx.remote.credentials", should not get as far as verifying:
+ jmxc = JMXConnectorFactory.connect(jmxcs.getAddress());
+ Subject delegationSubject =
+ new Subject(true,
+ Collections.singleton(new JMXPrincipal("delegate")),
+ Collections.EMPTY_SET,
+ Collections.EMPTY_SET);
+
+ MBeanServerConnection mbsc = null;
+ try {
+ mbsc = jmxc.getMBeanServerConnection(delegationSubject);
+ throw new RuntimeException("FAIL: delegationSubject was accepted. mbsc=" + mbsc);
+ } catch (UnsupportedOperationException e) {
+ System.out.println("PASS: " + e);
+ }
+ } catch (Exception e) {
+ System.out.println("Unexpected exception caught = " + e);
+ e.printStackTrace();
+ throw e;
+ } finally {
+ if (jmxc != null)
+ jmxc.close();
+ if (jmxcs != null)
+ jmxcs.stop();
+ }
+ }
+}
diff --git a/test/jdk/javax/management/remote/mandatory/connection/RMIConnectorInternalMapTest.java b/test/jdk/javax/management/remote/mandatory/connection/RMIConnectorInternalMapTest.java
deleted file mode 100644
index b797563017d..00000000000
--- a/test/jdk/javax/management/remote/mandatory/connection/RMIConnectorInternalMapTest.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.lang.management.ManagementFactory;
-import java.lang.ref.WeakReference;
-import java.lang.reflect.Field;
-import java.util.Collections;
-import java.util.Map;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerConnection;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXConnectorServerFactory;
-import javax.management.remote.JMXPrincipal;
-import javax.management.remote.JMXServiceURL;
-import javax.management.remote.rmi.RMIConnector;
-import javax.security.auth.Subject;
-
-/*
- * @test
- * @bug 6566891
- * @summary Check no memory leak on RMIConnector's rmbscMap
- * @author Shanliang JIANG
- * @modules java.management.rmi/javax.management.remote.rmi:open
- * @run clean RMIConnectorInternalMapTest
- * @run build RMIConnectorInternalMapTest
- * @run main RMIConnectorInternalMapTest
- */
-
-public class RMIConnectorInternalMapTest {
- public static void main(String[] args) throws Exception {
- System.out.println("---RMIConnectorInternalMapTest starting...");
-
- JMXConnectorServer connectorServer = null;
- JMXConnector connectorClient = null;
-
- try {
- MBeanServer mserver = ManagementFactory.getPlatformMBeanServer();
- JMXServiceURL serverURL = new JMXServiceURL("rmi", "localhost", 0);
- connectorServer = JMXConnectorServerFactory.newJMXConnectorServer(serverURL, null, mserver);
- connectorServer.start();
-
- JMXServiceURL serverAddr = connectorServer.getAddress();
- connectorClient = JMXConnectorFactory.connect(serverAddr, null);
- connectorClient.connect();
-
- Field rmbscMapField = RMIConnector.class.getDeclaredField("rmbscMap");
- rmbscMapField.setAccessible(true);
- Map> map =
- (Map>) rmbscMapField.get(connectorClient);
- if (map != null && !map.isEmpty()) { // failed
- throw new RuntimeException("RMIConnector's rmbscMap must be empty at the initial time.");
- }
-
- Subject delegationSubject =
- new Subject(true,
- Collections.singleton(new JMXPrincipal("delegate")),
- Collections.EMPTY_SET,
- Collections.EMPTY_SET);
- MBeanServerConnection mbsc1 =
- connectorClient.getMBeanServerConnection(delegationSubject);
- MBeanServerConnection mbsc2 =
- connectorClient.getMBeanServerConnection(delegationSubject);
-
- if (mbsc1 == null) {
- throw new RuntimeException("Got null connection.");
- }
- if (mbsc1 != mbsc2) {
- throw new RuntimeException("Not got same connection with a same subject.");
- }
-
- map = (Map>) rmbscMapField.get(connectorClient);
- if (map == null || map.isEmpty()) { // failed
- throw new RuntimeException("RMIConnector's rmbscMap has wrong size "
- + "after creating a delegated connection.");
- }
-
- delegationSubject = null;
- mbsc1 = null;
- mbsc2 = null;
-
- int i = 0;
- while (!map.isEmpty() && i++ < 60) {
- System.gc();
- Thread.sleep(100);
- }
- System.out.println("---GC times: " + i);
-
- if (!map.isEmpty()) {
- throw new RuntimeException("Failed to clean RMIConnector's rmbscMap");
- } else {
- System.out.println("---RMIConnectorInternalMapTest: PASSED!");
- }
- } finally {
- try {
- connectorClient.close();
- connectorServer.stop();
- } catch (Exception e) {
- }
- }
- }
-}
diff --git a/test/jdk/javax/management/remote/mandatory/notif/DeadListenerTest.java b/test/jdk/javax/management/remote/mandatory/notif/DeadListenerTest.java
index 11942eace3a..f35ee295c1e 100644
--- a/test/jdk/javax/management/remote/mandatory/notif/DeadListenerTest.java
+++ b/test/jdk/javax/management/remote/mandatory/notif/DeadListenerTest.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -75,11 +75,11 @@ public class DeadListenerTest {
RMIConnectorServer cs = new RMIConnectorServer(url, null, rmiServer, mbs);
cs.start();
JMXServiceURL addr = cs.getAddress();
- assertTrue("No connections in new connector server", rmiServer.connections.isEmpty());
+ assertTrue("Expected no connections in new connector server", rmiServer.connections.isEmpty());
JMXConnector cc = JMXConnectorFactory.connect(addr);
MBeanServerConnection mbsc = cc.getMBeanServerConnection();
- assertTrue("One connection on server after client connect", rmiServer.connections.size() == 1);
+ assertTrue("Expected one connection on server after client connect", rmiServer.connections.size() == 1);
RMIConnectionImpl connection = rmiServer.connections.get(0);
Method getServerNotifFwdM = RMIConnectionImpl.class.getDeclaredMethod("getServerNotifFwd");
getServerNotifFwdM.setAccessible(true);
@@ -88,7 +88,7 @@ public class DeadListenerTest {
listenerMapF.setAccessible(true);
@SuppressWarnings("unchecked")
Map> listenerMap = (Map>) listenerMapF.get(serverNotifForwarder);
- assertTrue("Server listenerMap initially empty", mapWithoutKey(listenerMap, delegateName).isEmpty());
+ assertTrue("Expected server listenerMap initially empty", mapWithoutKey(listenerMap, delegateName).isEmpty());
final AtomicInteger count1Val = new AtomicInteger();
CountListener count1 = new CountListener(count1Val);
@@ -104,12 +104,12 @@ public class DeadListenerTest {
WeakReference count2Ref = new WeakReference<>(count2);
count2 = null;
- assertTrue("One entry in listenerMap for two listeners on same MBean", mapWithoutKey(listenerMap, delegateName).size() == 1);
+ assertTrue("Expected one entry in listenerMap for two listeners on same MBean", mapWithoutKey(listenerMap, delegateName).size() == 1);
Set set = listenerMap.get(name);
- assertTrue("Set in listenerMap for MBean has two elements", set != null && set.size() == 2);
+ assertTrue("Expected Set in listenerMap for MBean to have two elements", set != null && set.size() == 2);
- assertTrue("Initial value of count1 == 0", count1Val.get() == 0);
- assertTrue("Initial value of count2 == 0", count2Val.get() == 0);
+ assertTrue("Initial value of count1 should be 0", count1Val.get() == 0);
+ assertTrue("Initial value of count2 should be 0", count2Val.get() == 0);
Notification notif = new Notification("type", name, 0);
@@ -119,8 +119,8 @@ public class DeadListenerTest {
while ((count1Val.get() != 1 || count2Val.get() != 1) ) {
Thread.sleep(20);
}
- assertTrue("New value of count1 == 1", count1Val.get() == 1);
- assertTrue("Initial value of count2 == 1", count2Val.get() == 1);
+ assertTrue("Value of count1 expected 1, got " + count1Val.get(), count1Val.get() == 1);
+ assertTrue("Value of count2 expected 1, got " + count2Val.get(), count2Val.get() == 1);
// Make sure that removing a nonexistent listener from an existent MBean produces ListenerNotFoundException
CountListener count3 = new CountListener();
@@ -146,8 +146,8 @@ public class DeadListenerTest {
mbean.sendNotification(notif);
Thread.sleep(200);
- assertTrue("New value of count1 == 1", count1Val.get() == 1);
- assertTrue("Initial value of count2 == 1", count2Val.get() == 1);
+ assertTrue("Value of count1 expected 1, got " + count1Val.get(), count1Val.get() == 1);
+ assertTrue("Value of count2 expected 1, got " + count2Val.get(), count2Val.get() == 1);
// wait for the listener cleanup to take place upon processing notifications
int countdown = 50; // waiting max. 5 secs
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandard.java b/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandard.java
deleted file mode 100644
index 72415a33cc5..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandard.java
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * Simple definition of a standard MBean, named "SimpleStandard".
- *
- * The "SimpleStandard" standard MBean shows how to expose attributes and
- * operations for management by implementing its corresponding
- * "SimpleStandardMBean" management interface.
- *
- * This MBean has two attributes and one operation exposed
- * for management by a JMX agent:
- * - the read/write "State" attribute,
- * - the read only "NbChanges" attribute,
- * - the "reset()" operation.
- *
- * This object also has one property and one method not exposed
- * for management by a JMX agent:
- * - the "NbResets" property,
- * - the "getNbResets()" method.
- */
-
-import java.security.AccessControlContext;
-import java.security.AccessController;
-import java.security.Principal;
-import java.util.Set;
-import javax.management.AttributeChangeNotification;
-import javax.management.NotificationBroadcasterSupport;
-import javax.management.remote.JMXPrincipal;
-import javax.security.auth.Subject;
-
-public class SimpleStandard
- extends NotificationBroadcasterSupport
- implements SimpleStandardMBean {
-
- /*
- * -----------------------------------------------------
- * CONSTRUCTORS
- * -----------------------------------------------------
- */
-
- public SimpleStandard(String principalName) {
- this.principalName = principalName;
- }
-
- /*
- * -----------------------------------------------------
- * IMPLEMENTATION OF THE SimpleStandardMBean INTERFACE
- * -----------------------------------------------------
- */
-
- /**
- * Getter: get the "State" attribute of the "SimpleStandard" standard MBean.
- *
- * @return the current value of the "State" attribute.
- */
- public String getState() {
- checkSubject("getState");
- return state;
- }
-
- /**
- * Setter: set the "State" attribute of the "SimpleStandard" standard MBean.
- *
- * @param s the new value of the "State" attribute.
- */
- public void setState(String s) {
- checkSubject("setState");
- state = s;
- nbChanges++;
- }
-
- /**
- * Getter: get the "NbChanges" attribute of the "SimpleStandard" standard
- * MBean.
- *
- * @return the current value of the "NbChanges" attribute.
- */
- public int getNbChanges() {
- checkSubject("getNbChanges");
- return nbChanges;
- }
-
- /**
- * Operation: reset to their initial values the "State" and "NbChanges"
- * attributes of the "SimpleStandard" standard MBean.
- */
- public void reset() {
- checkSubject("reset");
- AttributeChangeNotification acn =
- new AttributeChangeNotification(this,
- 0,
- 0,
- "NbChanges reset",
- "NbChanges",
- "Integer",
- new Integer(nbChanges),
- new Integer(0));
- state = "initial state";
- nbChanges = 0;
- nbResets++;
- sendNotification(acn);
- }
-
- /*
- * -----------------------------------------------------
- * METHOD NOT EXPOSED FOR MANAGEMENT BY A JMX AGENT
- * -----------------------------------------------------
- */
-
- /**
- * Return the "NbResets" property.
- * This method is not a Getter in the JMX sense because
- * it is not exposed in the "SimpleStandardMBean" interface.
- *
- * @return the current value of the "NbResets" property.
- */
- public int getNbResets() {
- return nbResets;
- }
-
- /*
- * ---------------
- * PRIVATE METHODS
- * ---------------
- */
-
- /**
- * Check that the principal contained in the Subject is of
- * type JMXPrincipal and refers to the principalName identity.
- */
- private void checkSubject(String op) {
- AccessControlContext acc = AccessController.getContext();
- Subject subject = Subject.getSubject(acc);
- Set principals = subject.getPrincipals();
- Principal principal = (Principal) principals.iterator().next();
- if (!(principal instanceof JMXPrincipal))
- throw new SecurityException(op+": Authenticated subject contains " +
- "invalid principal type = " +
- principal.getClass().getName());
- String identity = principal.getName();
- if (!identity.equals(principalName))
- throw new SecurityException(op+": Authenticated subject contains " +
- "invalid principal name = " + identity);
- }
-
- /*
- * -----------------------------------------------------
- * ATTRIBUTES ACCESSIBLE FOR MANAGEMENT BY A JMX AGENT
- * -----------------------------------------------------
- */
-
- private String state = "initial state";
- private int nbChanges = 0;
-
- /*
- * -----------------------------------------------------
- * PROPERTY NOT ACCESSIBLE FOR MANAGEMENT BY A JMX AGENT
- * -----------------------------------------------------
- */
-
- private int nbResets = 0;
- private String principalName;
-}
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandardMBean.java b/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandardMBean.java
deleted file mode 100644
index 5b1921ccdbb..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SimpleStandardMBean.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * This is the management interface explicitly defined for the
- * "SimpleStandard" standard MBean.
- * The "SimpleStandard" standard MBean implements this interface
- * in order to be manageable through a JMX agent.
- *
- * The "SimpleStandardMBean" interface shows how to expose for management:
- * - a read/write attribute (named "State") through its getter and setter
- * methods,
- * - a read-only attribute (named "NbChanges") through its getter method,
- * - an operation (named "reset").
- */
-public interface SimpleStandardMBean {
-
- /**
- * Getter: set the "State" attribute of the "SimpleStandard" standard
- * MBean.
- *
- * @return the current value of the "State" attribute.
- */
- public String getState();
-
- /**
- * Setter: set the "State" attribute of the "SimpleStandard" standard
- * MBean.
- *
- * @param s the new value of the "State" attribute.
- */
- public void setState(String s);
-
- /**
- * Getter: get the "NbChanges" attribute of the "SimpleStandard" standard
- * MBean.
- *
- * @return the current value of the "NbChanges" attribute.
- */
- public int getNbChanges();
-
- /**
- * Operation: reset to their initial values the "State" and "NbChanges"
- * attributes of the "SimpleStandard" standard MBean.
- */
- public void reset();
-}
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java b/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java
deleted file mode 100644
index 31228b5d030..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation1Test.java
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 6261831
- * @summary Tests the use of the subject delegation feature in the
- * RMI connector
- * @author Luis-Miguel Alventosa
- * @modules java.management.rmi
- * java.management/com.sun.jmx.remote.security
- * @run clean SubjectDelegation1Test SimpleStandard SimpleStandardMBean
- * @run build SubjectDelegation1Test SimpleStandard SimpleStandardMBean
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy11 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy12 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy13 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy14 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy15 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation1Test policy16 ko
- */
-
-import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-import java.io.File;
-import java.lang.management.ManagementFactory;
-import java.rmi.RemoteException;
-import java.rmi.registry.LocateRegistry;
-import java.rmi.registry.Registry;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Properties;
-import javax.management.Attribute;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerConnection;
-import javax.management.Notification;
-import javax.management.NotificationListener;
-import javax.management.ObjectName;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXConnectorServerFactory;
-import javax.management.remote.JMXPrincipal;
-import javax.management.remote.JMXServiceURL;
-import javax.security.auth.Subject;
-
-public class SubjectDelegation1Test {
-
- public static void main(String[] args) throws Exception {
- String policyFile = args[0];
- String testResult = args[1];
- System.out.println("Policy file = " + policyFile);
- System.out.println("Expected test result = " + testResult);
- JMXConnectorServer jmxcs = null;
- JMXConnector jmxc = null;
- try {
- // Create an RMI registry
- //
- System.out.println("Start RMI registry...");
- Registry reg = null;
- int port = 5860;
- while (port++ < 5880) {
- try {
- reg = LocateRegistry.createRegistry(port);
- System.out.println("RMI registry running on port " + port);
- break;
- } catch (RemoteException e) {
- // Failed to create RMI registry...
- System.out.println("Failed to create RMI registry " +
- "on port " + port);
- }
- }
- if (reg == null) {
- System.exit(1);
- }
- // Set the default password file
- //
- final String passwordFile = System.getProperty("test.src") +
- File.separator + "jmxremote.password";
- System.out.println("Password file = " + passwordFile);
- // Set policy file
- //
- final String policy = System.getProperty("test.src") +
- File.separator + policyFile;
- System.out.println("PolicyFile = " + policy);
- System.setProperty("java.security.policy", policy);
- // Instantiate the MBean server
- //
- System.out.println("Create the MBean server");
- MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
- // Register the SimpleStandardMBean
- //
- System.out.println("Create SimpleStandard MBean");
- SimpleStandard s = new SimpleStandard("delegate");
- mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));
- // Create Properties containing the username/password entries
- //
- Properties props = new Properties();
- props.setProperty("jmx.remote.x.password.file", passwordFile);
- // Initialize environment map to be passed to the connector server
- //
- System.out.println("Initialize environment map");
- HashMap env = new HashMap();
- env.put("jmx.remote.authenticator",
- new JMXPluggableAuthenticator(props));
- // Create an RMI connector server
- //
- System.out.println("Create an RMI connector server");
- JMXServiceURL url =
- new JMXServiceURL("rmi", null, 0,
- "/jndi/rmi://:" + port + "/server" + port);
- jmxcs =
- JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
- jmxcs.start();
- // Create an RMI connector client
- //
- System.out.println("Create an RMI connector client");
- HashMap cli_env = new HashMap();
- // These credentials must match those in the default password file
- //
- String[] credentials = new String[] { "monitorRole" , "QED" };
- cli_env.put("jmx.remote.credentials", credentials);
- jmxc = JMXConnectorFactory.connect(url, cli_env);
- Subject delegationSubject =
- new Subject(true,
- Collections.singleton(new JMXPrincipal("delegate")),
- Collections.EMPTY_SET,
- Collections.EMPTY_SET);
- MBeanServerConnection mbsc =
- jmxc.getMBeanServerConnection(delegationSubject);
- // Get domains from MBeanServer
- //
- System.out.println("Domains:");
- String domains[] = mbsc.getDomains();
- for (int i = 0; i < domains.length; i++) {
- System.out.println("\tDomain[" + i + "] = " + domains[i]);
- }
- // Get MBean count
- //
- System.out.println("MBean count = " + mbsc.getMBeanCount());
- // Get State attribute
- //
- String oldState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("Old State = \"" + oldState + "\"");
- // Set State attribute
- //
- System.out.println("Set State to \"changed state\"");
- mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),
- new Attribute("State", "changed state"));
- // Get State attribute
- //
- String newState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("New State = \"" + newState + "\"");
- if (!newState.equals("changed state")) {
- System.out.println("Invalid State = \"" + newState + "\"");
- System.exit(1);
- }
- // Add notification listener on SimpleStandard MBean
- //
- System.out.println("Add notification listener...");
- mbsc.addNotificationListener(
- new ObjectName("MBeans:type=SimpleStandard"),
- new NotificationListener() {
- public void handleNotification(Notification notification,
- Object handback) {
- System.out.println("Received notification: " +
- notification);
- }
- },
- null,
- null);
- // Unregister SimpleStandard MBean
- //
- System.out.println("Unregister SimpleStandard MBean...");
- mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));
- } catch (SecurityException e) {
- if (testResult.equals("ko")) {
- System.out.println("Got expected security exception = " + e);
- } else {
- System.out.println("Got unexpected security exception = " + e);
- e.printStackTrace();
- throw e;
- }
- } catch (Exception e) {
- System.out.println("Unexpected exception caught = " + e);
- e.printStackTrace();
- throw e;
- } finally {
- // Close connector client
- //
- if (jmxc != null)
- jmxc.close();
- // Stop connector server
- //
- if (jmxcs != null)
- jmxcs.stop();
- // Say goodbye
- //
- System.out.println("Bye! Bye!");
- }
- }
-}
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation2Test.java b/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation2Test.java
deleted file mode 100644
index 65c8f4b1f5f..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation2Test.java
+++ /dev/null
@@ -1,218 +0,0 @@
-/*
- * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 6261831
- * @summary Tests the use of the subject delegation feature on the authenticated
- * principals within the RMI connector server's creator codebase.
- * @author Luis-Miguel Alventosa
- * @modules java.management.rmi
- * java.management/com.sun.jmx.remote.security
- * @run clean SubjectDelegation2Test SimpleStandard SimpleStandardMBean
- * @run build SubjectDelegation2Test SimpleStandard SimpleStandardMBean
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy21 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy22 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy23 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy24 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation2Test policy25 ko
- */
-
-import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-import java.io.File;
-import java.lang.management.ManagementFactory;
-import java.rmi.RemoteException;
-import java.rmi.registry.LocateRegistry;
-import java.rmi.registry.Registry;
-import java.util.HashMap;
-import java.util.Properties;
-import javax.management.Attribute;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerConnection;
-import javax.management.Notification;
-import javax.management.NotificationListener;
-import javax.management.ObjectName;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXConnectorServerFactory;
-import javax.management.remote.JMXServiceURL;
-
-public class SubjectDelegation2Test {
-
- public static void main(String[] args) throws Exception {
- String policyFile = args[0];
- String testResult = args[1];
- System.out.println("Policy file = " + policyFile);
- System.out.println("Expected test result = " + testResult);
- JMXConnectorServer jmxcs = null;
- JMXConnector jmxc = null;
- try {
- // Create an RMI registry
- //
- System.out.println("Start RMI registry...");
- Registry reg = null;
- int port = 5880;
- while (port++ < 5900) {
- try {
- reg = LocateRegistry.createRegistry(port);
- System.out.println("RMI registry running on port " + port);
- break;
- } catch (RemoteException e) {
- // Failed to create RMI registry...
- System.out.println("Failed to create RMI registry " +
- "on port " + port);
- }
- }
- if (reg == null) {
- System.exit(1);
- }
- // Set the default password file
- //
- final String passwordFile = System.getProperty("test.src") +
- File.separator + "jmxremote.password";
- System.out.println("Password file = " + passwordFile);
- // Set policy file
- //
- final String policy = System.getProperty("test.src") +
- File.separator + policyFile;
- System.out.println("PolicyFile = " + policy);
- System.setProperty("java.security.policy", policy);
- // Instantiate the MBean server
- //
- System.out.println("Create the MBean server");
- MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
- // Register the SimpleStandardMBean
- //
- System.out.println("Create SimpleStandard MBean");
- SimpleStandard s = new SimpleStandard("monitorRole");
- mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));
- // Create Properties containing the username/password entries
- //
- Properties props = new Properties();
- props.setProperty("jmx.remote.x.password.file", passwordFile);
- // Initialize environment map to be passed to the connector server
- //
- System.out.println("Initialize environment map");
- HashMap env = new HashMap();
- env.put("jmx.remote.authenticator",
- new JMXPluggableAuthenticator(props));
- // Set Security Manager
- //
- System.setSecurityManager(new SecurityManager());
- // Create an RMI connector server
- //
- System.out.println("Create an RMI connector server");
- JMXServiceURL url = new JMXServiceURL("rmi", null, 0);
-
- jmxcs =
- JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
- jmxcs.start();
- // Create an RMI connector client
- //
- System.out.println("Create an RMI connector client");
- HashMap cli_env = new HashMap();
- // These credentials must match those in the default password file
- //
- String[] credentials = new String[] { "monitorRole" , "QED" };
- cli_env.put("jmx.remote.credentials", credentials);
- jmxc = JMXConnectorFactory.connect(jmxcs.getAddress(), cli_env);
- MBeanServerConnection mbsc = jmxc.getMBeanServerConnection();
- // Get domains from MBeanServer
- //
- System.out.println("Domains:");
- String domains[] = mbsc.getDomains();
- for (int i = 0; i < domains.length; i++) {
- System.out.println("\tDomain[" + i + "] = " + domains[i]);
- }
- // Get MBean count
- //
- System.out.println("MBean count = " + mbsc.getMBeanCount());
- // Get State attribute
- //
- String oldState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("Old State = \"" + oldState + "\"");
- // Set State attribute
- //
- System.out.println("Set State to \"changed state\"");
- mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),
- new Attribute("State", "changed state"));
- // Get State attribute
- //
- String newState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("New State = \"" + newState + "\"");
- if (!newState.equals("changed state")) {
- System.out.println("Invalid State = \"" + newState + "\"");
- System.exit(1);
- }
- // Add notification listener on SimpleStandard MBean
- //
- System.out.println("Add notification listener...");
- mbsc.addNotificationListener(
- new ObjectName("MBeans:type=SimpleStandard"),
- new NotificationListener() {
- public void handleNotification(Notification notification,
- Object handback) {
- System.out.println("Received notification: " +
- notification);
- }
- },
- null,
- null);
- // Unregister SimpleStandard MBean
- //
- System.out.println("Unregister SimpleStandard MBean...");
- mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));
- } catch (SecurityException e) {
- if (testResult.equals("ko")) {
- System.out.println("Got expected security exception = " + e);
- } else {
- System.out.println("Got unexpected security exception = " + e);
- e.printStackTrace();
- throw e;
- }
- } catch (Exception e) {
- System.out.println("Unexpected exception caught = " + e);
- e.printStackTrace();
- throw e;
- } finally {
- // Close connector client
- //
- if (jmxc != null)
- jmxc.close();
- // Stop connector server
- //
- if (jmxcs != null)
- jmxcs.stop();
- // Say goodbye
- //
- System.out.println("Bye! Bye!");
- }
- }
-}
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation3Test.java b/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation3Test.java
deleted file mode 100644
index 5550b6cfe31..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/SubjectDelegation3Test.java
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 6261831
- * @summary Tests the use of the subject delegation feature on the authenticated
- * principals within the RMI connector server's creator codebase with
- * subject delegation.
- * @author Luis-Miguel Alventosa
- * @modules java.management.rmi
- * java.management/com.sun.jmx.remote.security
- * @run clean SubjectDelegation3Test SimpleStandard SimpleStandardMBean
- * @run build SubjectDelegation3Test SimpleStandard SimpleStandardMBean
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy31 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy32 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy33 ko
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy34 ok
- * @run main/othervm -Djava.security.manager=allow SubjectDelegation3Test policy35 ko
- */
-
-import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
-import java.io.File;
-import java.lang.management.ManagementFactory;
-import java.rmi.RemoteException;
-import java.rmi.registry.LocateRegistry;
-import java.rmi.registry.Registry;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Properties;
-import javax.management.Attribute;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerConnection;
-import javax.management.Notification;
-import javax.management.NotificationListener;
-import javax.management.ObjectName;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXConnectorServerFactory;
-import javax.management.remote.JMXPrincipal;
-import javax.management.remote.JMXServiceURL;
-import javax.security.auth.Subject;
-
-public class SubjectDelegation3Test {
-
- public static void main(String[] args) throws Exception {
- String policyFile = args[0];
- String testResult = args[1];
- System.out.println("Policy file = " + policyFile);
- System.out.println("Expected test result = " + testResult);
- JMXConnectorServer jmxcs = null;
- JMXConnector jmxc = null;
- try {
- // Create an RMI registry
- //
- System.out.println("Start RMI registry...");
- Registry reg = null;
- int port = 5900;
- while (port++ < 5920) {
- try {
- reg = LocateRegistry.createRegistry(port);
- System.out.println("RMI registry running on port " + port);
- break;
- } catch (RemoteException e) {
- // Failed to create RMI registry...
- System.out.println("Failed to create RMI registry " +
- "on port " + port);
- }
- }
- if (reg == null) {
- System.exit(1);
- }
- // Set the default password file
- //
- final String passwordFile = System.getProperty("test.src") +
- File.separator + "jmxremote.password";
- System.out.println("Password file = " + passwordFile);
- // Set policy file
- //
- final String policy = System.getProperty("test.src") +
- File.separator + policyFile;
- System.out.println("PolicyFile = " + policy);
- System.setProperty("java.security.policy", policy);
- // Instantiate the MBean server
- //
- System.out.println("Create the MBean server");
- MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
- // Register the SimpleStandardMBean
- //
- System.out.println("Create SimpleStandard MBean");
- SimpleStandard s = new SimpleStandard("delegate");
- mbs.registerMBean(s, new ObjectName("MBeans:type=SimpleStandard"));
- // Create Properties containing the username/password entries
- //
- Properties props = new Properties();
- props.setProperty("jmx.remote.x.password.file", passwordFile);
- // Initialize environment map to be passed to the connector server
- //
- System.out.println("Initialize environment map");
- HashMap env = new HashMap();
- env.put("jmx.remote.authenticator",
- new JMXPluggableAuthenticator(props));
- // Set Security Manager
- //
- System.setSecurityManager(new SecurityManager());
- // Create an RMI connector server
- //
- System.out.println("Create an RMI connector server");
- JMXServiceURL url =
- new JMXServiceURL("rmi", null, 0);
- jmxcs =
- JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
- jmxcs.start();
- // Create an RMI connector client
- //
- System.out.println("Create an RMI connector client");
- HashMap cli_env = new HashMap();
- // These credentials must match those in the default password file
- //
- String[] credentials = new String[] { "monitorRole" , "QED" };
- cli_env.put("jmx.remote.credentials", credentials);
- jmxc = JMXConnectorFactory.connect(jmxcs.getAddress(), cli_env);
- Subject delegationSubject =
- new Subject(true,
- Collections.singleton(new JMXPrincipal("delegate")),
- Collections.EMPTY_SET,
- Collections.EMPTY_SET);
- MBeanServerConnection mbsc =
- jmxc.getMBeanServerConnection(delegationSubject);
- // Get domains from MBeanServer
- //
- System.out.println("Domains:");
- String domains[] = mbsc.getDomains();
- for (int i = 0; i < domains.length; i++) {
- System.out.println("\tDomain[" + i + "] = " + domains[i]);
- }
- // Get MBean count
- //
- System.out.println("MBean count = " + mbsc.getMBeanCount());
- // Get State attribute
- //
- String oldState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("Old State = \"" + oldState + "\"");
- // Set State attribute
- //
- System.out.println("Set State to \"changed state\"");
- mbsc.setAttribute(new ObjectName("MBeans:type=SimpleStandard"),
- new Attribute("State", "changed state"));
- // Get State attribute
- //
- String newState =
- (String) mbsc.getAttribute(
- new ObjectName("MBeans:type=SimpleStandard"),
- "State");
- System.out.println("New State = \"" + newState + "\"");
- if (!newState.equals("changed state")) {
- System.out.println("Invalid State = \"" + newState + "\"");
- System.exit(1);
- }
- // Add notification listener on SimpleStandard MBean
- //
- System.out.println("Add notification listener...");
- mbsc.addNotificationListener(
- new ObjectName("MBeans:type=SimpleStandard"),
- new NotificationListener() {
- public void handleNotification(Notification notification,
- Object handback) {
- System.out.println("Received notification: " +
- notification);
- }
- },
- null,
- null);
- // Unregister SimpleStandard MBean
- //
- System.out.println("Unregister SimpleStandard MBean...");
- mbsc.unregisterMBean(new ObjectName("MBeans:type=SimpleStandard"));
- } catch (SecurityException e) {
- if (testResult.equals("ko")) {
- System.out.println("Got expected security exception = " + e);
- } else {
- System.out.println("Got unexpected security exception = " + e);
- e.printStackTrace();
- throw e;
- }
- } catch (Exception e) {
- System.out.println("Unexpected exception caught = " + e);
- e.printStackTrace();
- throw e;
- } finally {
- // Close connector client
- //
- if (jmxc != null)
- jmxc.close();
- // Stop connector server
- //
- if (jmxcs != null)
- jmxcs.stop();
- // Say goodbye
- //
- System.out.println("Bye! Bye!");
- }
- }
-}
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/jmxremote.password b/test/jdk/javax/management/remote/mandatory/subjectDelegation/jmxremote.password
deleted file mode 100644
index b29b668159c..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/jmxremote.password
+++ /dev/null
@@ -1 +0,0 @@
-monitorRole QED
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy11 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy11
deleted file mode 100644
index bcd7896ce2e..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy11
+++ /dev/null
@@ -1,7 +0,0 @@
-grant {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy12 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy12
deleted file mode 100644
index 7b7b547a8cb..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy12
+++ /dev/null
@@ -1,6 +0,0 @@
-grant {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy13 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy13
deleted file mode 100644
index 6609c33c80c..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy13
+++ /dev/null
@@ -1,6 +0,0 @@
-grant {
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy14 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy14
deleted file mode 100644
index 02d1525f14f..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy14
+++ /dev/null
@@ -1,5 +0,0 @@
-grant {
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy15 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy15
deleted file mode 100644
index efdb46a9a17..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy15
+++ /dev/null
@@ -1,7 +0,0 @@
-grant {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy16 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy16
deleted file mode 100644
index 65bd1f9a275..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy16
+++ /dev/null
@@ -1,6 +0,0 @@
-grant {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy21 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy21
deleted file mode 100644
index 32756230e7c..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy21
+++ /dev/null
@@ -1,25 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission java.lang.RuntimePermission "*";
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy22 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy22
deleted file mode 100644
index cd1bbc2bb4f..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy22
+++ /dev/null
@@ -1,25 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.lang.RuntimePermission "*";
- permission java.security.SecurityPermission "createAccessControlContext";
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy23 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy23
deleted file mode 100644
index 47b3cc194ee..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy23
+++ /dev/null
@@ -1,25 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.lang.RuntimePermission "*";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy24 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy24
deleted file mode 100644
index 228a1c0e437..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy24
+++ /dev/null
@@ -1,18 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.lang.RuntimePermission "*";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy25 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy25
deleted file mode 100644
index ed20121656b..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy25
+++ /dev/null
@@ -1,18 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.lang.RuntimePermission "*";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy31 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy31
deleted file mode 100644
index 0f087192484..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy31
+++ /dev/null
@@ -1,30 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.lang.RuntimePermission "*";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "delegate" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy32 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy32
deleted file mode 100644
index 23dcb7d762a..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy32
+++ /dev/null
@@ -1,30 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.lang.RuntimePermission "*";
- permission java.security.SecurityPermission "createAccessControlContext";
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "delegate" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy33 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy33
deleted file mode 100644
index 67f33449476..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy33
+++ /dev/null
@@ -1,30 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.lang.RuntimePermission "*";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "delegate" {
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy34 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy34
deleted file mode 100644
index ece5ab98cff..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy34
+++ /dev/null
@@ -1,22 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.lang.RuntimePermission "*";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "delegate" {
- permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};
diff --git a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy35 b/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy35
deleted file mode 100644
index 0c0dcd39811..00000000000
--- a/test/jdk/javax/management/remote/mandatory/subjectDelegation/policy35
+++ /dev/null
@@ -1,22 +0,0 @@
-grant {
- permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
- permission java.lang.RuntimePermission "*";
- permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
- permission java.security.SecurityPermission "createAccessControlContext";
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.monitorRole";
-};
-
-grant principal javax.management.remote.JMXPrincipal "monitorRole" {
- permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.delegate";
-};
-
-grant principal javax.management.remote.JMXPrincipal "delegate" {
-// permission javax.management.MBeanPermission "*", "getDomains";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "getAttribute";
- permission javax.security.auth.AuthPermission "getSubject";
- permission javax.management.MBeanPermission "SimpleStandard#State[MBeans:type=SimpleStandard]", "setAttribute";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
- permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "removeNotificationListener";
- permission javax.management.MBeanPermission "SimpleStandard#-[MBeans:type=SimpleStandard]", "unregisterMBean";
-};