为 Liberty 开发 JMX Java 客户机
您可以开发 Java™ 管理扩展 (JMX) 客户机应用程序,以访问 Liberty 的受保护 REST 连接器。
关于此任务
借助 JMX 远程客户机应用程序,您可以通过 JMX 编程来管理 Liberty。
过程
- 开发样本 JMX 客户机。REST 连接器支持标准 JMX API。对于配置了
restConnector-1.0 功能部件的已启动 Liberty 服务器,可以使用
${server.output.dir}/logs/state/com.ibm.ws.jmx.rest.address 的内容来实例化新的
JMXServiceURL 对象。
import javax.management.remote.JMXServiceURL; import javax.management.MBeanServerConnection; import javax.management.remote.JMXConnector; import javax.management.remote.JMXConnectorFactory; import java.util.HashMap; public class Test { public static void main(String[] args) { System.setProperty("javax.net.ssl.trustStore", <truststore location>); System.setProperty("javax.net.ssl.trustStorePassword", <truststore password>); //If the type of the trustStore is not jks, which is default, //set the type by using the following line. System.setProperty("javax.net.ssl.trustStoreType", <truststore type>); try { HashMap<String, Object> environment = new HashMap<String, Object>(); environment.put("jmx.remote.protocol.provider.pkgs", "com.ibm.ws.jmx.connector.client"); environment.put(JMXConnector.CREDENTIALS, new String[] { "bob", "bobpassword" }); JMXServiceURL url = new JMXServiceURL("service:jmx:rest://<host>:<port>/IBMJMXConnectorREST"); JMXConnector connector = JMXConnectorFactory.newJMXConnector(url, environment); connector.connect(); MBeanServerConnection mbsc = connector.getMBeanServerConnection(); } catch(Throwable t) { ... } } }
- 可选: 对 SSL 证书禁用主机名验证。随 Liberty 安装的证书可能不包含运行服务器的主机的名称。如果要禁用 SSL 证书的主机名验证,可以将系统属性 com.ibm.ws.jmx.connector.client.disableURLHostnameVerification 设为 true,这会对所有连接禁用主机名验证。要以每个连接为基础禁用主机名验证,请在创建 JMX 连接时传递该属性作为新的 environment:
HashMap<String, Object> environment = new HashMap<String, Object>(); environment.put("jmx.remote.protocol.provider.pkgs", "com.ibm.ws.jmx.connector.client"); environment.put("com.ibm.ws.jmx.connector.client.disableURLHostnameVerification", Boolean.TRUE); environment.put(JMXConnector.CREDENTIALS, new String[] { "bob", "bobpassword" }); ...
- 可选: 使用环境映射来配置 JMX REST 连接器设置。
... HashMap<String, Object> environment = new HashMap<String, Object>(); environment.put("com.ibm.ws.jmx.connector.client.rest.maxServerWaitTime", 0); environment.put("com.ibm.ws.jmx.connector.client.rest.notificationDeliveryInterval", 65000); ...
- 可选: Liberty REST 连接器允许使用特定定制 SSL 套接字工厂来获取套接字。如果显示 javax.net.ssl.SSLHandshakeException:
com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException:
unable to find valid certification path to requested target 异常,那么您可以从自己的密钥库创建自己的 SSLContext,然后将该上下文中的 SocketFactory 与 REST 连接器配合使用。
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); InputStream inputStream = new FileInputStream("myTrustStore.jks"); trustStore.load(inputStream, "password".toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustManagers, null); Map<String, Object> environment = new HashMap<String, Object>(); environment.put(ConnectorSettings.CUSTOM_SSLSOCKETFACTORY, sslContext.getSocketFactory()); environment.put(ConnectorSettings.DISABLE_HOSTNAME_VERIFICATION, true); environment.put("jmx.remote.protocol.provider.pkgs", "com.ibm.ws.jmx.connector.client"); environment.put(JMXConnector.CREDENTIALS, new String[] { "admin", "password" }); JMXServiceURL url = new JMXServiceURL("REST", "myhost", 9443, "/IBMJMXConnectorREST"); jmxConn = JMXConnectorFactory.connect(url, environment);
相关任务:


http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twlp_dev_jmxclient
文件名:twlp_dev_jmxclient.html