001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 018package org.apache.hadoop.hbase.http.jmx; 019 020import java.io.IOException; 021import java.io.PrintWriter; 022import java.lang.management.ManagementFactory; 023import javax.management.MBeanServer; 024import javax.management.MalformedObjectNameException; 025import javax.management.ObjectName; 026import javax.management.openmbean.CompositeData; 027import javax.management.openmbean.TabularData; 028import javax.servlet.ServletException; 029import javax.servlet.http.HttpServlet; 030import javax.servlet.http.HttpServletRequest; 031import javax.servlet.http.HttpServletResponse; 032import org.apache.hadoop.hbase.http.HttpServer; 033import org.apache.hadoop.hbase.util.JSONBean; 034import org.apache.yetus.audience.InterfaceAudience; 035import org.slf4j.Logger; 036import org.slf4j.LoggerFactory; 037 038/* 039 * This servlet is based off of the JMXProxyServlet from Tomcat 7.0.14. It has 040 * been rewritten to be read only and to output in a JSON format so it is not 041 * really that close to the original. 042 */ 043/** 044 * Provides Read only web access to JMX. 045 * <p> 046 * This servlet generally will be placed under the /jmx URL for each 047 * HttpServer. It provides read only 048 * access to JMX metrics. The optional <code>qry</code> parameter 049 * may be used to query only a subset of the JMX Beans. This query 050 * functionality is provided through the 051 * {@link MBeanServer#queryNames(ObjectName, javax.management.QueryExp)} 052 * method. 053 * </p> 054 * <p> 055 * For example <code>http://.../jmx?qry=Hadoop:*</code> will return 056 * all hadoop metrics exposed through JMX. 057 * </p> 058 * <p> 059 * The optional <code>get</code> parameter is used to query an specific 060 * attribute of a JMX bean. The format of the URL is 061 * <code>http://.../jmx?get=MXBeanName::AttributeName</code> 062 * </p> 063 * <p> 064 * For example 065 * <code> 066 * http://../jmx?get=Hadoop:service=NameNode,name=NameNodeInfo::ClusterId 067 * </code> will return the cluster id of the namenode mxbean. 068 * </p> 069 * <p> 070 * If the <code>qry</code> or the <code>get</code> parameter is not formatted 071 * correctly then a 400 BAD REQUEST http response code will be returned. 072 * </p> 073 * <p> 074 * If a resouce such as a mbean or attribute can not be found, 075 * a 404 SC_NOT_FOUND http response code will be returned. 076 * </p> 077 * <p> 078 * The return format is JSON and in the form 079 * </p> 080 * <pre><code> 081 * { 082 * "beans" : [ 083 * { 084 * "name":"bean-name" 085 * ... 086 * } 087 * ] 088 * } 089 * </code></pre> 090 * <p> 091 * The servlet attempts to convert the the JMXBeans into JSON. Each 092 * bean's attributes will be converted to a JSON object member. 093 * 094 * If the attribute is a boolean, a number, a string, or an array 095 * it will be converted to the JSON equivalent. 096 * 097 * If the value is a {@link CompositeData} then it will be converted 098 * to a JSON object with the keys as the name of the JSON member and 099 * the value is converted following these same rules. 100 * 101 * If the value is a {@link TabularData} then it will be converted 102 * to an array of the {@link CompositeData} elements that it contains. 103 * 104 * All other objects will be converted to a string and output as such. 105 * 106 * The bean's name and modelerType will be returned for all beans. 107 * 108 * Optional paramater "callback" should be used to deliver JSONP response. 109 * </p> 110 * 111 */ 112@InterfaceAudience.Private 113public class JMXJsonServlet extends HttpServlet { 114 private static final Logger LOG = LoggerFactory.getLogger(JMXJsonServlet.class); 115 116 private static final long serialVersionUID = 1L; 117 118 private static final String CALLBACK_PARAM = "callback"; 119 /** 120 * If query string includes 'description', then we will emit bean and attribute descriptions to 121 * output IFF they are not null and IFF the description is not the same as the attribute name: 122 * i.e. specify a URL like so: /jmx?description=true 123 */ 124 private static final String INCLUDE_DESCRIPTION = "description"; 125 126 /** 127 * MBean server. 128 */ 129 protected transient MBeanServer mBeanServer; 130 131 protected transient JSONBean jsonBeanWriter; 132 133 /** 134 * Initialize this servlet. 135 */ 136 @Override 137 public void init() throws ServletException { 138 // Retrieve the MBean server 139 mBeanServer = ManagementFactory.getPlatformMBeanServer(); 140 this.jsonBeanWriter = new JSONBean(); 141 } 142 143 /** 144 * Process a GET request for the specified resource. 145 * 146 * @param request 147 * The servlet request we are processing 148 * @param response 149 * The servlet response we are creating 150 */ 151 @Override 152 public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException { 153 try { 154 if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) { 155 return; 156 } 157 String jsonpcb = null; 158 PrintWriter writer = null; 159 JSONBean.Writer beanWriter = null; 160 try { 161 jsonpcb = checkCallbackName(request.getParameter(CALLBACK_PARAM)); 162 writer = response.getWriter(); 163 164 // "callback" parameter implies JSONP outpout 165 if (jsonpcb != null) { 166 response.setContentType("application/javascript; charset=utf8"); 167 writer.write(jsonpcb + "("); 168 } else { 169 response.setContentType("application/json; charset=utf8"); 170 } 171 beanWriter = this.jsonBeanWriter.open(writer); 172 // Should we output description on each attribute and bean? 173 String tmpStr = request.getParameter(INCLUDE_DESCRIPTION); 174 boolean description = tmpStr != null && tmpStr.length() > 0; 175 176 // query per mbean attribute 177 String getmethod = request.getParameter("get"); 178 if (getmethod != null) { 179 String[] splitStrings = getmethod.split("\\:\\:"); 180 if (splitStrings.length != 2) { 181 beanWriter.write("result", "ERROR"); 182 beanWriter.write("message", "query format is not as expected."); 183 beanWriter.flush(); 184 response.setStatus(HttpServletResponse.SC_BAD_REQUEST); 185 return; 186 } 187 if (beanWriter.write(this.mBeanServer, new ObjectName(splitStrings[0]), 188 splitStrings[1], description) != 0) { 189 beanWriter.flush(); 190 response.setStatus(HttpServletResponse.SC_BAD_REQUEST); 191 } 192 return; 193 } 194 195 // query per mbean 196 String qry = request.getParameter("qry"); 197 if (qry == null) { 198 qry = "*:*"; 199 } 200 if (beanWriter.write(this.mBeanServer, new ObjectName(qry), null, description) != 0) { 201 beanWriter.flush(); 202 response.setStatus(HttpServletResponse.SC_BAD_REQUEST); 203 } 204 } finally { 205 if (beanWriter != null) { 206 beanWriter.close(); 207 } 208 if (jsonpcb != null) { 209 writer.write(");"); 210 } 211 if (writer != null) { 212 writer.close(); 213 } 214 } 215 } catch (IOException e) { 216 LOG.error("Caught an exception while processing JMX request", e); 217 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); 218 } catch (MalformedObjectNameException e) { 219 LOG.error("Caught an exception while processing JMX request", e); 220 response.sendError(HttpServletResponse.SC_BAD_REQUEST); 221 } 222 } 223 224 /** 225 * Verifies that the callback property, if provided, is purely alphanumeric. 226 * This prevents a malicious callback name (that is javascript code) from being 227 * returned by the UI to an unsuspecting user. 228 * 229 * @param callbackName The callback name, can be null. 230 * @return The callback name 231 * @throws IOException If the name is disallowed. 232 */ 233 private String checkCallbackName(String callbackName) throws IOException { 234 if (null == callbackName) { 235 return null; 236 } 237 if (callbackName.matches("[A-Za-z0-9_]+")) { 238 return callbackName; 239 } 240 throw new IOException("'callback' must be alphanumeric"); 241 } 242}