JDK / JDK-6261831

JMX connector server's creator should not have to grant remote client's permissions in its codebase

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 6
    • Fix Version/s: 6
    • Component/s: core-svc
    • Resolved In Build: b43
    • CPU: generic
    • OS: generic

      Description


      * Issue:

        Using authenticated subjects and subject delegation in the current JMX
        connector server implementations requires the server's creator - the
        codebase/entity calling JMXConnectorServer.start() - to have been granted
        all the permissions required by the remote clients to perform their
        remote operations.

        By implementing security in this way we need to grant to the server's
        codebase more permissions than it really needs. This could be avoided.

      * Solution:

        Suppose a security context (subject and/or codebase and/or signers),
        say "creator", makes a JMXConnectorServer and supplies a JMXAuthenticator.

        Later, a connection arrives, and the JMXAuthenticator returns a Subject for
        it containing the Principal "remote". Today, basically both "remote" and
        "creator" must have all needed permissions for the reason I detailed above.

        However, suppose we say that an MBean operation that needs FilePermission is
        allowed if EITHER:

        (1) both "remote" and "creator" have FilePermission (the current
            requirement, i.e. backwards compatibility is kept); OR
        (2) "remote" has FilePermission and "creator" has
            SubjectDelegationPermission("remote").

        By supporting (2) we no longer need to grant FilePermission to the
        "creator" codebase.

      ###@###.### 2005-05-20 16:32:52 GMT
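The two grant schemes described in the Solution, as an added example that is not part of this issue and not the JDK's own implementation. It uses only the public JMX Remote API: a JMXAuthenticator that returns a Subject whose Principal is JMXPrincipal "remote", a connector server started from the "creator" context, and a client that authenticates and invokes one MBean operation. The authenticator, the credentials, port 9999, the policy codebase path and the policy file name are assumptions. The operation is getAttribute on the platform Memory MBean, so the permission the MBeanServer checks is MBeanPermission rather than the FilePermission used in the description; the grant structure is the same. The policy fragments are shown as comments so that the whole example is one file.

```java
import java.lang.management.ManagementFactory;
import java.rmi.registry.LocateRegistry;
import java.util.HashMap;
import java.util.Map;

import javax.management.MBeanServer;
import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXPrincipal;
import javax.management.remote.JMXServiceURL;
import javax.security.auth.Subject;

/*
 * Policy grants (assumed file name delegation.policy, assumed codebase path).
 * Run with: -Djava.security.manager -Djava.security.policy=delegation.policy
 *
 * Scheme (1), the pre-fix requirement: BOTH the "creator" codebase and the
 * "remote" principal must hold the permission the operation needs.
 *
 *   grant codeBase "file:/opt/app/server.jar" {
 *       permission javax.management.MBeanPermission
 *           "sun.management.MemoryImpl#HeapMemoryUsage[java.lang:type=Memory]", "getAttribute";
 *   };
 *   grant principal javax.management.remote.JMXPrincipal "remote" {
 *       permission javax.management.MBeanPermission
 *           "sun.management.MemoryImpl#HeapMemoryUsage[java.lang:type=Memory]", "getAttribute";
 *   };
 *
 * Scheme (2), enabled by this fix: "remote" keeps the operation permission,
 * and the "creator" codebase only needs permission to act on behalf of
 * "remote". The target name is <principal class name>.<principal name>.
 *
 *   grant codeBase "file:/opt/app/server.jar" {
 *       permission javax.management.remote.SubjectDelegationPermission
 *           "javax.management.remote.JMXPrincipal.remote";
 *   };
 *   grant principal javax.management.remote.JMXPrincipal "remote" {
 *       permission javax.management.MBeanPermission
 *           "sun.management.MemoryImpl#HeapMemoryUsage[java.lang:type=Memory]", "getAttribute";
 *   };
 */
public class DelegationDemo {

    /** Assumed authenticator: one fixed user, mapped to JMXPrincipal("remote"). */
    static final class DemoAuthenticator implements JMXAuthenticator {
        public Subject authenticate(Object credentials) {
            if (!(credentials instanceof String[])) {
                throw new SecurityException("Credentials must be String[] {user, password}");
            }
            String[] up = (String[]) credentials;
            if (up.length != 2 || !"remote".equals(up[0]) || !"secret".equals(up[1])) {
                throw new SecurityException("Authentication failed");
            }
            // The returned Subject is what the MBeanServer sees as the caller
            // ("remote"); it is combined with the "creator" context that
            // called start() below, which is where schemes (1) and (2) differ.
            Subject s = new Subject();
            s.getPrincipals().add(new JMXPrincipal("remote"));
            s.setReadOnly();
            return s;
        }
    }

    public static void main(String[] args) throws Exception {
        // --- Server side: this code path is the "creator" security context ---
        LocateRegistry.createRegistry(9999);
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        JMXServiceURL url =
            new JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:9999/jmxrmi");
        Map<String, Object> env = new HashMap<String, Object>();
        env.put(JMXConnectorServer.AUTHENTICATOR, new DemoAuthenticator());
        JMXConnectorServer cs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
        cs.start();

        // --- Client side: authenticate as "remote" and invoke one operation ---
        Map<String, Object> cenv = new HashMap<String, Object>();
        cenv.put(JMXConnector.CREDENTIALS, new String[] {"remote", "secret"});
        JMXConnector jc = JMXConnectorFactory.connect(url, cenv);
        try {
            MBeanServerConnection mbsc = jc.getMBeanServerConnection();
            // Under scheme (1) this fails with a SecurityException unless the
            // server.jar codebase also holds the MBeanPermission; under scheme
            // (2) the SubjectDelegationPermission on server.jar is enough.
            Object heap = mbsc.getAttribute(
                new ObjectName("java.lang:type=Memory"), "HeapMemoryUsage");
            System.out.println("HeapMemoryUsage = " + heap);
        } finally {
            jc.close();
            cs.stop();
        }
    }
}
```

The practical check is to run the client once with each policy fragment active: with the scheme (1) fragment minus the codebase MBeanPermission line the call must be rejected, and with the scheme (2) fragment it must succeed, which confirms the server's codebase no longer carries the operation permission itself. The grants rely on a Java security manager, which later JDKs deprecate for removal, so this layout applies to the JDK 6 era the issue targets.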

      People

      • Assignee: lmalvent Luis-Miguel Alventosa (Inactive)
      • Reporter: lmalvent Luis-Miguel Alventosa (Inactive)