Creating Utilities To Manipulate Users in #Weblogic Using #JMX and #Mbeans

m dlwr.am r-gawish.
co m
http://mdlwr.amr-gawish.co m/creating-utilities-to -manipulate-users-in-web/
Creating Utilities to Manipulate Users in #Weblogic Using

#JMX and #MBeans
INTRO
First Id like to apologies f or the big absent on my side as I was very busy traveling to KSA f or a new
f reelancing Client, but anyway I hope this article make you f orgive me :)
Weblogic is a great Application Server, and the one you can count on f or your heavy industrial deployment,
load balancing, high availability and clustering.
Not only that but it comes with a great scripting tool WLST and the standardization of accessing its
MBeans through JMX
T here were an old school approach which would allow you to access MBeans through Weblogic APIs itself
like so
import weblogic.management .Helper;

import weblogic.management .MBeanHome;
public class UseHelper {
public st at ic void main(St ring[] args) {
St ring url = "t 3://localhost :7001";
St ring username = "weblogic";
St ring password = "weblogic";
St ring msName = "MS1";
MBeanHome localHome = null;
t ry {
localHome = (MBeanHome)Helper.get MBeanHome(username, password, url,
msName);
Syst em.out .print ln("Local MBeanHome for" + localHome +
" found using t he Helper class");
} cat ch (IllegalArgument Except ion iae) {
Syst em.out .print ln("Illegal Argument Except ion: " + iae);
}
}
}
But as you write this in your JDeveloper or f avorite Editor, you will realize that this has been deprecated!
So the better alternative, and the hard way around it is to use JMX
THE DEFINITION
JMX(Java Management Extension) is a technology that represents a universal, open technology f or
management, and monitoring applications, system objects, devices (e. g. printers) and service oriented
networks. T hose resources are represented by objects called MBeans (f or Managed Beans)
So Enough with the def initions, lets get to work.
THE UTILITY CLASS

What we want here is accessing Weblogic MBeans to get Users f or Def aultAuthenticator -Def ault
authenticator on Weblogic and Get Users, Groups and doing some manipulation like adding, editing,
deleting and reset password f or users in Weblogic Def ault Authenticator -You can edit it to suit your need
but remember if the authenticator is read only you will get exceptions trying to alter users.
So lets get Started, f irst by checking MBeans Ref erence We will realize that in Order to access the Users
we have to go this path:
Conf iguration MBeans
Domain Conf iguration MBeans
Security Conf iguration MBean
Def ault Realm (Attribute of Security Configuration MBean and an instance of
RealmMBean)
AuthenticationProviders (Attribute of Default Realm and an instance of
AuthenticationProviderMBean[])
So How do we do that, lets start write some code
THE INITIALIZATION CODE

We will start my making a connection to Weblogic Server instance, and then drill down to
AuthenticationProviderMBean(s)
Remember this is a utilities Class, thats why all of my methods will be static
/****** DEFINING SOME STATIC VARIABLES ********/
public st at ic nal St ring JNDI_FACTORY = "weblogic.jndi.WLInit ialCont ext Fact ory";
public st at ic nal St ring MBEAN_SERVER = "weblogic.management .mbeanservers.domainrunt ime";
public st at ic nal St ring JNDI_ROOT = "/jndi/";
public st at ic nal St ring DEFAULT_PROTOCOL = "t 3";
public st at ic nal St ring PROTOCOL_PROVIDER_PACKAGES = "weblogic.management .remot e";
//This how we get our DomainRunt imeService, t his is where DomainCongurat ionMBeans exist s
public st at ic nal St ring DOMAIN_MBEAN_NAME =
"com.bea:Name=DomainRunt imeService,Type=weblogic.management .mbeanservers.domainrunt ime.DomainRunt imeServiceMBean";
privat e st at ic MBeanServerConnect ion connect ion;
privat e st at ic Object Name default Aut hent icat or;
privat e st at ic Object Name[] aut hent icat ionProviders;
privat e st at ic St ring aut hent icat orName="Default Aut hent icat or";
Okay, now we def ined it, lets drill down to our AuthenticationProviders
st at ic {
t ry {
St ring host = "127.0.0.1";
St ring port = "7101";
St ring username = "weblogic";
St ring password = "weblogic1";
Hasht able h = new Hasht able();
JMXServiceURL serviceURL;
serviceURL =
new JMXServiceURL(DEFAULT_PROTOCOL, host , Int eger.valueOf(port ).int Value(),
"/jndi/weblogic.management .mbeanservers.domainrunt ime");
h.put ("java.naming.securit y.principal", username);
h.put ("java.naming.securit y.credent ials", password);
h.put ("jmx.remot e.prot ocol.provider.pkgs",
"weblogic.management .remot e");
//Creat ing a JMXConnect or t o connect t o JMX
JMXConnect or connect or =
JMXConnect orFact ory.connect (serviceURL, h);
connect ion = connect or.get MBeanServerConnect ion();
/****
We Get Object s by creat ing Object Name wit h it 's Qualied name.
The const ruct or t ake a St ring of t he full Qualied name of t he MBean
We t hen use connect ion t o get At t ribut e out of t his Object Name but specifying a St ring of
t his At t ribut e
*****/
Object Name congurat ionMBeans=
new Object Name(DOMAIN_MBEAN_NAME);
Object Name domain =
(Object Name)connect ion.get At t ribut e(congurat ionMBeans, "DomainCongurat ion");
Object Name securit y =
(Object Name)connect ion.get At t ribut e(domain, "Securit yCongurat ion");
Object Name realm =
(Object Name)connect ion.get At t ribut e(securit y, "Default Realm");
aut hent icat ionProviders =
(Object Name[])connect ion.get At t ribut e(realm,
"Aut hent icat ionProviders");
for (int i = 0; i < aut hent icat ionProviders.lengt h; i++) {
St ring name =
(St ring)connect ion.get At t ribut e(aut hent icat ionProviders[i],
"Name");
if (name.equals(aut hent icat orName))
default Aut hent icat or = aut hent icat ionProviders[i];
}
} cat ch (Except ion e) {
t hrow new Runt imeExcept ion(e);
}
WOHOO youve done a great step, you now have a ref erence to the def aultAuthenticator MBean, now you
can make operations on users and Groups
DEEP INSIDE DEFAULTAUTHENTICATORMBEAN

If you looked at the ref erence of Def aultAuthenticatorMBean which is a subclass of
AuthenticationProviderMBean you will realize the f ollowing:
Attributes
Operations
Now I guess you know what do we need to do right, Excellent so lets get it done
THE USER/GROUP MANIPULATION
public st at ic boolean addUser(St ring username, St ring psw, St ring desc) {

t ry {
/** As of connect ion.get At t ribut e you can use connect ion.invoke t o invoke an act ion
It Takes Object Name, St ring Operat ionName, Object [] Paramet ers, and St ring[] Paramet ers
Denit ion
**/
connect ion.invoke(default Aut hent icat or, "creat eUser",
new Object [] { username, psw, desc },
new St ring[] { "java.lang.St ring",
"java.lang.St ring",
"java.lang.St ring" });
ret urn t rue;

ret urn false;
//t hrow new Runt imeExcept ion(e);
}
public st at ic boolean removeUser(St ring username) {

t ry {
if (!username.equalsIgnoreCase("weblogic")) {
connect ion.invoke(default Aut hent icat or, "removeUser",
new Object [] { username },
new St ring[] { "java.lang.St ring" });
}
ret urn t rue;

e.print St ackTrace();
}
ret urn false;
public st at ic boolean reset UserPassword(St ring username,

St ring newPassword) {
t ry {
if (!username.equalsIgnoreCase("weblogic")) {
connect ion.invoke(default Aut hent icat or, "reset UserPassword",
new Object [] { username, newPassword },
"java.lang.St ring" });
}
ret urn t rue;

e.print St ackTrace();
}
ret urn false;
/** As of connect ion.get At t ribut e you can use connect ion.invoke t o invoke an act ion
It Takes Object Name, St ring Operat ionName, Object [] Paramet ers, and St ring[] Paramet ers
Denit ion, It ret urns an Object we cast it t o Boolean, you can know all about funct ion from
MBeans Reference
**/
public st at ic boolean isUserExist s(St ring current User) t hrows Runt imeExcept ion {
t ry {
boolean userExist s =
((Boolean)connect ion.invoke(default Aut hent icat or, "userExist s",
new Object [] { current User },
new St ring[] { "java.lang.St ring" })).booleanValue();
ret urn userExist s;
} cat ch (Except ion ex) {
t hrow new Runt imeExcept ion(ex);
}
}
public st at ic boolean isGroupExist s(St ring current Group) t hrows Runt imeExcept ion {
t ry {
boolean gourpExist s =
((Boolean)connect ion.invoke(default Aut hent icat or,
"groupExist s",
new Object [] { current Group },
ret urn gourpExist s;

}
/** This one is t ricky, You rst obt ain a St ring cursor of t he It erat or of Users, t hen you check if
It have current , while t rue we invoke anot her funct ion called "get Current Name" which ret urns
t he name
of t he user, t hen I call advance funct ion for t he cursor t o move forward, and invoke haveCurrent
again
and assign it t o t he same boolean I ent ered t he while wit h (In order t o get out of it !)
**/
public st at ic List get List OfUsers() t hrows Runt imeExcept ion {
t ry {
List allUsers = new ArrayList ();
St ring cursor =
(St ring)connect ion.invoke(default Aut hent icat or, "list Users",
new Object [] { "*",
Int eger.valueOf(9999) },
"java.lang.Int eger" });
boolean haveCurrent =
"haveCurrent ",
new Object [] { cursor },
while (haveCurrent ) {
St ring current Name =
(St ring)connect ion.invoke(default Aut hent icat or,
"get Current Name",
allUsers.add(current Name);
connect ion.invoke(default Aut hent icat or, "advance",
haveCurrent =
((Boolean)connect ion.invoke(default Aut hent icat or, "haveCurrent ",
ret urn allUsers;

}
public st at ic List get UserGroups(St ring username) t hrows Runt imeExcept ion {
t ry {
List allUserGroups = new ArrayList ();
St ring cursor =
(St ring)connect ion.invoke(default Aut hent icat or, "list MemberGroups",
new Object [] { username },
new St ring[] { "java.lang.St ring"});
"haveCurrent ",
"get Current Name",
allUserGroups.add(current Name);
haveCurrent =
ret urn allUserGroups;

}
}
public st at ic List get GroupMembers(St ring groupName) t hrows Runt imeExcept ion {
t ry {
List allGroupMembers = new ArrayList ();
St ring cursor =
(St ring)connect ion.invoke(default Aut hent icat or, "list GroupMembers",
new Object [] { groupName, "*", new java.lang.Int eger(0) },
new St ring [] { "java.lang.St ring", "java.lang.St ring", "java.lang.Int eger" });
"haveCurrent ",
"get Current Name",
allGroupMembers.add(current Name);
haveCurrent =
ret urn allGroupMembers;

}
public st at ic List get List OfGroups() t hrows Runt imeExcept ion {

t ry {
List allUsers = new ArrayList ();
St ring cursor =
(St ring)connect ion.invoke(default Aut hent icat or, "list Groups",
new Object [] { "*",
Int eger.valueOf(9999) },
"java.lang.Int eger" });
"haveCurrent ",
"get Current Name",
allUsers.add(current Name);
haveCurrent =
ret urn allUsers;

}
And thats it, Enjoy your Weblogic Utility Class :)

Creating Utilities To Manipulate Users in #Weblogic Using #JMX and #Mbeans

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Creating Utilities To Manipulate Users in #Weblogic Using #JMX and #Mbeans

Uploaded by

Copyright:

Available Formats

m dlwr.am r-gawish.

http://mdlwr.amr-gawish.co m/creating-utilities-to -manipulate-users-in-web/

Creating Utilities to Manipulate Users in #Weblogic Using

import weblogic.management .Helper;

THE UTILITY CLASS

So How do we do that, lets start write some code

THE INITIALIZATION CODE

DEEP INSIDE DEFAULTAUTHENTICATORMBEAN

THE USER/GROUP MANIPULATION

public st at ic boolean addUser(St ring username, St ring psw, St ring desc) {

ret urn t rue;

public st at ic boolean removeUser(St ring username) {

ret urn t rue;

public st at ic boolean reset UserPassword(St ring username,

ret urn t rue;

ret urn gourpExist s;

ret urn allUsers;

ret urn allUserGroups;

ret urn allGroupMembers;

public st at ic List get List OfGroups() t hrows Runt imeExcept ion {

ret urn allUsers;

And thats it, Enjoy your Weblogic Utility Class :)

You might also like