Auto invoke JMX MBean

sanchit.bhavsar · January 15, 2019, 4:34pm

Hello Community,

I am looking for some directions to automatically invoke JMX MBean instead of manual procedure (Administration > JMX Console).

Regards,
Sanchit

krivopustov · January 16, 2019, 6:07am

Hi Sanchit,

What do you mean by automatically? By a scheduler or from the application code?
Actually, a JMX bean is a Spring bean so you can work with it as with any other bean.

Regards,
Konstantin

sanchit.bhavsar · January 16, 2019, 7:40am

Hi Konstantin,

I mean by the application code. I have tried a sample from documentation to invoke service from JMX Console but I am getting the following exception.

java.lang.SecurityException: 
No security context bound to the current thread
java.lang.SecurityException: No security context bound to the current thread
at com.haulmont.cuba.core.sys.AppContext.getSecurityContextNN(AppContext.java:148)
at com.haulmont.cuba.core.sys.ServiceInterceptor.aroundInvoke(ServiceInterceptor.java:85)
at sun.reflect.GeneratedMethodAccessor117.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:629)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:618)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
at com.sun.proxy.$Proxy237.migrateAccounts(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at sun.reflect.misc.Trampoline.invoke(MethodUtil.java:71)
at sun.reflect.GeneratedMethodAccessor59.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at sun.reflect.misc.MethodUtil.invoke(MethodUtil.java:275)
at javax.management.modelmbean.RequiredModelMBean$4.run(RequiredModelMBean.java:1252)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:80)
at javax.management.modelmbean.RequiredModelMBean.invokeMethod(RequiredModelMBean.java:1246)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1085)
at org.springframework.jmx.export.SpringModelMBean.invoke(SpringModelMBean.java:90)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801)
at com.haulmont.cuba.web.jmx.JmxControlBean.lambda$invokeOperation$0(JmxControlBean.java:389)
at com.haulmont.cuba.web.jmx.JmxConnectionHelper.withConnection(JmxConnectionHelper.java:123)
at com.haulmont.cuba.web.jmx.JmxControlBean.invokeOperation(JmxControlBean.java:378)
at com.haulmont.cuba.web.app.ui.jmxcontrol.inspect.MbeanInspectWindow.runSynchronously(MbeanInspectWindow.java:236)
at com.haulmont.cuba.web.app.ui.jmxcontrol.inspect.MbeanInspectWindow.invokeOperation(MbeanInspectWindow.java:229)
at com.haulmont.cuba.web.app.ui.jmxcontrol.inspect.MbeanInspectWindow$1.actionPerform(MbeanInspectWindow.java:194)
at com.haulmont.cuba.web.gui.components.WebButton.performAction(WebButton.java:44)
at com.haulmont.cuba.web.gui.components.WebButton.lambda$new$61446b05$1(WebButton.java:36)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vaadin.event.ListenerMethod.receiveEvent(ListenerMethod.java:510)
at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:200)
at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:163)
at com.vaadin.server.AbstractClientConnector.fireEvent(AbstractClientConnector.java:1037)
at com.vaadin.ui.Button.fireClick(Button.java:377)
at com.haulmont.cuba.web.toolkit.ui.CubaButton.fireClick(CubaButton.java:54)
at com.vaadin.ui.Button$1.click(Button.java:54)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:158)
at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:119)
at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:444)
at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:409)
at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:274)
at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:90)
at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41)
at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1422)
at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:385)
at com.haulmont.cuba.web.sys.CubaApplicationServlet.serviceAppRequest(CubaApplicationServlet.java:290)
at com.haulmont.cuba.web.sys.CubaApplicationServlet.service(CubaApplicationServlet.java:197)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at com.haulmont.cuba.web.sys.CubaHttpFilter.handleNotFiltered(CubaHttpFilter.java:108)
at com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java:95)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1437)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

krivopustov · January 18, 2019, 7:37am

Add @Authenticated annotation to you JMX bean method.
See Creating a JMX Bean and System Authentication.

sanchit.bhavsar · February 21, 2019, 9:48am

Hello Konstantin,

how can I override cuba authentication to allow external users to login into the application?

So far I have added users externally into cuba “SEC_USER” table. I can see the new added users in the running application but unable to login because of the cubaauthprovider.

Any idea about passing those users with authentication and allow them to login into application.

Regards,
Sanchit

krivopustov · February 25, 2019, 1:16pm

Hi Sanchit,

If you added users to the database, there is no need for external authentication. How did you specify the user passwords when inserted the users?
What framework version are you using?
What exception stack trace do you have when users log in?

If you still need to customize the authentication process, and you have normal user/password credentials, override the LoginPasswordAuthenticationProvider bean in the core module of your project.
Please explain in detail how do you like to authenticate users, and we will give you more specific recommendations.

sanchit.bhavsar · February 25, 2019, 2:37pm

Hi Konstantin,

I hash the password with “SHA-1” algorithm and simply set it to the user password,

private String hashPassword(String password){
    // bytes to hex
    StringBuilder sb = new StringBuilder();

    try {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        byte[] hashInBytes = md.digest(password.getBytes(StandardCharsets.UTF_8));


        for (byte b : hashInBytes) {
            sb.append(String.format("%02x", b));//print at least 2 digits
        }


    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }


    return sb.toString();
}

I am using Studio 6.8.1 and also Please refer to this topic: User authentication logic - CUBA.Platform

I have a question, what happens when I store the password as a plain string without hashing, how will the system authenticate with user login and password?

Regards,
Sanchit

krivopustov · February 25, 2019, 3:18pm

It won’t work, the system compares the password hashes.

sanchit.bhavsar · February 27, 2019, 11:14am

Hi Konstantin,

one more thing, I set the user id (pk) as UUIDGen.generateUUIDAsPlainString() and when I try to change password from cuba it throws me an error Object primary key was modified in another trasaction.

any idea what causing this?

krivopustov · February 27, 2019, 1:24pm

Sorry, I have no idea what your UUIDGen.generateUUIDAsPlainString() does.

sanchit.bhavsar · February 27, 2019, 1:27pm

Sorry for the less info. it just generates a unique UUID

krivopustov · March 1, 2019, 2:50pm

Make sure you also set the version attribute to a non-null value.

sanchit.bhavsar · April 2, 2019, 2:28pm

@knstvk so, the hash function I mentioned above is hashing the password with “sha1” algo same as cuba password encryption.
After debugging the authentication provider, I notice that the hashed password stored in the db and the cuba side check for the password are different. That is the reason I am not able to login into the application.

Could you please check the function and let me know what I am missing.

-Sanchit

krivopustov · April 4, 2019, 1:39pm

I would recommend using the framework’s PasswordEncryption bean to create password hashes:

@Inject
PasswordEncryption passwordEncryption;

void encryptPassword(UUID userId, String password) {
    return passwordEncryption.getPasswordHash(userId, password);
}