001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.camel.management; 018 019import javax.management.Descriptor; 020import javax.management.DynamicMBean; 021import javax.management.MBeanException; 022import javax.management.MBeanOperationInfo; 023import javax.management.ReflectionException; 024import javax.management.RuntimeOperationsException; 025import javax.management.modelmbean.ModelMBeanInfo; 026import javax.management.modelmbean.RequiredModelMBean; 027 028import org.apache.camel.util.ObjectHelper; 029import org.apache.camel.util.URISupport; 030import org.slf4j.Logger; 031import org.slf4j.LoggerFactory; 032 033/** 034 * A {@link javax.management.modelmbean.RequiredModelMBean} which allows us to intercept invoking operations on the MBean. 035 * <p/> 036 * This allows us to intercept calls to custom mbeans where allows us to mix-in the standard set of mbean attributes 037 * and operations that Camel provides out of the box. 038 * <p/> 039 * For example if mask has been enabled on JMX, then we use this implementation 040 * to hide sensitive information from the returned JMX attributes / operations. 041 */ 042public class MixinRequiredModelMBean extends RequiredModelMBean { 043 044 private static final Logger LOG = LoggerFactory.getLogger(MixinRequiredModelMBean.class); 045 private boolean mask; 046 private ModelMBeanInfo defaultMbi; 047 private DynamicMBean defaultObject; 048 049 public MixinRequiredModelMBean() throws MBeanException, RuntimeOperationsException { 050 // must have default no-arg constructor 051 } 052 053 public MixinRequiredModelMBean(ModelMBeanInfo mbi, boolean mask, ModelMBeanInfo defaultMbi, DynamicMBean defaultObject) throws MBeanException, RuntimeOperationsException { 054 super(mbi); 055 this.mask = mask; 056 this.defaultMbi = defaultMbi; 057 this.defaultObject = defaultObject; 058 } 059 060 public boolean isMask() { 061 return mask; 062 } 063 064 @Override 065 public Object invoke(String opName, Object[] opArgs, String[] sig) throws MBeanException, ReflectionException { 066 Object answer; 067 if (defaultMbi != null && defaultObject != null && isDefaultOperation(opName)) { 068 answer = defaultObject.invoke(opName, opArgs, sig); 069 } else { 070 answer = super.invoke(opName, opArgs, sig); 071 } 072 // mask the answer if enabled and it was a String type (we cannot mask other types) 073 if (mask && answer instanceof String && ObjectHelper.isNotEmpty(answer) && isMaskOperation(opName)) { 074 answer = mask(opName, (String) answer); 075 } 076 return answer; 077 } 078 079 protected boolean isDefaultOperation(String opName) { 080 for (MBeanOperationInfo info : defaultMbi.getOperations()) { 081 if (info.getName().equals(opName)) { 082 return true; 083 } 084 } 085 return false; 086 } 087 088 protected boolean isMaskOperation(String opName) { 089 for (MBeanOperationInfo info : getMBeanInfo().getOperations()) { 090 if (info.getName().equals(opName)) { 091 Descriptor desc = info.getDescriptor(); 092 if (desc != null) { 093 Object val = desc.getFieldValue("mask"); 094 return val != null && "true".equals(val); 095 } 096 } 097 } 098 return false; 099 } 100 101 /** 102 * Masks the returned value from invoking the operation 103 * 104 * @param opName the operation name invoked 105 * @param value the current value 106 * @return the masked value 107 */ 108 protected String mask(String opName, String value) { 109 // use sanitize uri which will mask sensitive information 110 String answer = URISupport.sanitizeUri(value); 111 if (LOG.isTraceEnabled()) { 112 LOG.trace("Masking JMX operation: {}.{} value: {} -> {}", 113 new Object[]{getMBeanInfo().getClassName(), opName, value, answer}); 114 } 115 return answer; 116 } 117}