A story of an awful tirade from an awful woman

Yesterday morning I was working at home minding my business when I was hailed from a complete stranger coming up my drive. Being polite and friendly I wandered out and said hello thinking that it was a delivery or perhaps someone needed some help (I was expecting a question about directions or something). I live in a very nice neighbourhood where I know all my closest neighbours and all the local shop keepers; my kids are friends with many of my neighbours kids too. I was expecting another of these pleasant conversations – hey it was a sunny day and I was in a good mood. Christmas in a couple of days.

What followed was an awful tirade from an awful woman starting with ‘HOW CAN YOU LIVE LIKE THIS, IT’S DISGUSTING, WHY AREN’T YOU DOING SOMETHING ABOUT IT’. Completely taken aback and immediately on the back foot I’ve gone down the appeasement track – ‘Yes, I completely agree it’s messy, we’ve got plans in the pipeline to remedy it but we’re not ready yet’. This is the truth, I find little point in working for hours clearing and preening the garden when we’re planning to reshape it with a big digger soon – we have often put time in though, particularly my wife has spent days pulling up some of the weeds only for them to grow back (we spray too from time to time), but we have a family and like to spend time doing things we care more about – as would many people I expect. Well, the appeasement didn’t work, I got ‘THAT’S NOT GOOD ENOUGH, YOU’VE GOT MUSCLES, PULL ALL THIS OUT’. I say ‘I agree it’s a mess, I don’t really have time to fix it we’re quite busy’. I get ‘WE’RE ALL BUSY’…. blah blah you get the point. It went on for about 10 minutes. The simple truth is that for us it’s not a priority.

So, smarting, shocked and a little ashamed of myself I get to work finding someone who can clear the plot quick smart before I get another berating. I found someone, they’ve been a bit pricey, but they’ve come around and cleared it out today. I’ve also used the opportunity of a day off and a skip bin on the property to break up an old fish pond that’s been bothering be for a while. So net net it’s a positive result right? Wrong!!

Now I’m so mad I can’t sleep

Now that I’ve woken from my ‘trance’ I’m left thinking what the ‘hell happened to me, why the hell did I do that?!’ I just let a horrible person blithely walk all over me while I moped around like a troublesome schoolboy and then quick smart did as I was told. I’m 38, I’ve worked in banks where I’ve been shouted at by the stereotypical equities trader – and not put up with it. How did this woman put me immediately on the back foot and in cow-towing mode rather that me telling her to piss off and come back when she can talk to me as an equal. I certainly wouldn’t let my kids talk to me like that.

I’m left so mad half at her and half at myself I’m struggling to sleep. I can only envision the smugness. Horribleness wins the day again dammit!

So why did I cave?

Generally I think it’s because when it’s unexpected you’re on the back foot and not sure if they have a point? You’re immediately apologetic (well you are if you want to be generally a decent person anyway). It’s not until later when you review the situation for probably the 100th time in your head that you start to berate yourself and imagine other responses and lament that you weren’t quick enough, or that you’re just not good enough at arguing, etc… etc…

In my current case there are a few reasons I think:

1. she has a point – the garden is a mess, an her main concern is a particular weed which is close to seeding – probably into her garden (I don’t know where she lives, must be close by though);
2. it was a bolt from the blue so I was gobsmacked and mentally unprepared to put this kind of childish behaviour down;
3. she’s obviously very upset and has probably been stewing on it for a while (perhaps she needed to be angry to have the courage to come up the drive) – I hate for people to be feeling like that;
4. I hate to think all our neighbours are getting upset with us – I like this community (this is the main reason I actually did something about it);
5. I’m busy thinking fast about all these scenarios while in the background she’s stomping around ranting in an epic tantrum so I continue to be unprepared to put the stroppy behaviour down;
6. I’m unsure of my position – perhaps harking back to some natural hierarchy encoding or something, she is older an wiser (perhaps not in this case) than me.

So what should I have done?

With 20/20 hindsight I think an opening salvo of appeasement was the correct response in this case and in so doing I gave her the benefit of the doubt that she is actually just an upset nice person. That not working? then a firm ‘cease and desist the personal attack’ and a request to discuss the matter civilly would have been the correct next action.

The ‘cease and desist’ action may or may not have worked – but at least I wouldn’t have stewed over my weakness in the situation for the last couple of days. It’s going to cost years at the end of my life I expect. I would still have gone ahead with the section clear – if just for reason 4 above – but at least I would have been clear on my reasons and she would have been clear that the kind of childish temper tantrum she was displaying would not be tolerated.

As it stand’s I’m still mad and trying to find a way through

Christmas is coming and the only person really being hurt by this whole debacle is me. What do I do to get past it?

Well, writing this is helping I think. I’m thinking just now that perhaps I need to change my view of an awful woman to just a ‘upset nice person’ and perhaps apologise for my tardiness? Perhaps the tantrum was very out of character for her? I would expect a thank-you and a sincere apology in that case, I’m open-minded to it but not hopeful.

It is unacceptable to behave like that though – especially straight off the bat

It was a childish temper tantrum – there’s no doubt about that. Be she a ‘upset nice person’ or just a born and bred ‘awful person’ it still stands that it was unacceptable to personally attack me and my family with a tirade of abuse straight off the bat. All it’s done is left bad feeling and sleep for us… I suspect she’s sleeping soundly.

She only needed to ask!!

We’re friendly and nice, we’d bend over backwards if asked by any of our neighbours. A simple request to ‘take out that thistle weed please’ would have been enough and would have been an excellent goodwill exercise. Instead she’s assumed we’re bad people and out to ruin her garden with our terrible weeds and I’m left running scenarios for what I’m going to say next time I run into her and feeling generally rather bad (seems like a grieving process). That’s very unfriendly, disrespectful and just not nice behaviour. I don’t like this woman and I’ve only just met her. Jeez if I was an unfriendly type I might have clocked her.

I certainly hope it doesn’t happen again.

Recently I implemented an MBean in JBoss to use as a batch trigger from a ControlM implementation and was surprised (probably shouldn’t have been though) that all my carefully crafted security for the JMXConsole and Web Console was ignored with complete impunity by the tool (twiddle.sh) that I used to invoke my MBean. Since then I’ve been through a pile of pain trying to get an RMI call to a JBoss XMBean to require authentication and I thought I’d put some instructions in plain language on how to do it.

I do this for two reasons:

1. because I bet a lot of developers miss this one; and
2. because the documentation and other information I find online is limited and confusing.

For demonstration I’m going to use a standard JBoss MBean for setting system properties in a running application container.

A Simple Example of Setting a System Property in JBoss using Twiddle

Using the default JBoss version of twiddle.sh (in the bin directory beneath JBoss home) against the default JNP location of JBoss (localhost:1099) you can execute the following to set a system property in a running container.

# this assumes you're in the bin directory of JBoss Home.
./twiddle.sh -s localhost:1099 invoke "jboss:type=Service,name=SystemProperties" set myprop mypropvalue
'null'

To verify that you have been succesful (assuming you didn’t get an exception in the last operation) you can do the following:

# this assumes you're in the bin directory of JBoss Home.
./twiddle.sh -s localhost:1099 invoke "jboss:type=Service,name=SystemProperties" get myprop
mypropvalue

This example will work from anywhere on your network where you’re not prevented from reaching the JNP URL of the container (prevented by a firewall or IP filter for example) regardless of the JMX Console and Web Console security you’ve put in place (there is plenty of documentation around for securing the JMX Console and Web Console). This is because the JMX Console and Web Console are HTTP based and as such are secured in the normal way you would secure a website on JBoss (i.e. in web-inf.xml and jboss-web.xml) whereas the invoker layer is not HTTP based and as such must use an alternate method of security; the key file in this operation is the jmx-invoker-service.xml file in the JBoss deploy directory.

Securing the Invoker Layer

The invoker layer is the one you are calling through when you query or invoke on an MBean via RMI (i.e. with twiddle.sh – as above). This layer is not subject to the security constraints you will have placed on your HTTP based JMX Console or Web Consoles.

To make this layer secure the key file you’re interested in is the jmx-invoker-service.xml in the JBoss deploy directory; and the key operation configuration you will need to change is for ‘invoke’.

The default configuration of the invoke operation in this file is:

<server>

	<!-- excluded for brevity -->

	<mbean code="org.jboss.jmx.connector.invoker.InvokerAdaptorService" name="jboss.jmx:type=adaptor,name=Invoker" xmbean-dd="">
		<xmbean>
			<description>The JMX Detached Invoker Service</description>
			<class>org.jboss.jmx.connector.invoker.InvokerAdaptorService</class>

			<!-- excluded for brevity -->

			<operation>
				<description>The detached invoker entry point</description>
				<name>invoke</name>
				<parameter>
					<description>The method invocation context</description>
					<name>invocation</name>
					<type>org.jboss.invocation.Invocation</type>
				</parameter>
				<return-type>java.lang.Object</return-type>
				<descriptors>
					<interceptors>

						<!-- Uncomment to require authenticated users -->
						<!-- <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor" securityDomain="java:/jaas/jmx-console"/> -->

						<!-- Interceptor that deals with non-serializable results -->
						<interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor" policyClass="StripModelMBeanInfoPolicy"/>

					</interceptors>
				</descriptors>
			</operation>
		</xmbean>
	</mbean>
</server>

So to switch on authentication we do what it says and ‘Uncomment to require authenticated users’:

<server>

	<!-- excluded for brevity -->

	<mbean code="org.jboss.jmx.connector.invoker.InvokerAdaptorService" name="jboss.jmx:type=adaptor,name=Invoker" xmbean-dd="">
		<xmbean>
			<description>The JMX Detached Invoker Service</description>
			<class>org.jboss.jmx.connector.invoker.InvokerAdaptorService</class>

			<!-- excluded for brevity -->

			<operation>
				<description>The detached invoker entry point</description>
				<name>invoke</name>
				<parameter>
					<description>The method invocation context</description>
					<name>invocation</name>
					<type>org.jboss.invocation.Invocation</type>
				</parameter>
				<return-type>java.lang.Object</return-type>
				<descriptors>
					<interceptors>

						<!-- Uncomment to require authenticated users -->
						<interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor" securityDomain="java:/jaas/jmx-console"/>

						<!-- Interceptor that deals with non-serializable results -->
						<interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor" policyClass="StripModelMBeanInfoPolicy"/>

					</interceptors>
				</descriptors>
			</operation>
		</xmbean>
	</mbean>
</server>

If you haven’t changed the default security realm for your JMX Console (i.e. java:/jaas/jmx-console) you will now have an invoker layer secured with the same credentials as for your JMX Console. To change this add a new security realm to your global login-config.xml in the conf directory of your container and match the name you give it in the securityDomain attribute of the Authentication Interceptor.

I’ve not yet delved too deeply into setting a specific set of roles, at this point I set my invoker user to JBossAdmin which means that user can do pretty much anything exposed to JMX. That’s ok for my purposes tho (feel free to write a response with the details of setting roles for particular JMX functions ).

Invoking on a Secure Invoker Layer

Ok so now that it’s secure how do you invoke an operation on it?

With the default JBoss twiddle.sh utility there are arguments -u (or –user=) for user and -p (–password=) for password.

# this assumes you're in the bin directory of JBoss Home.
./twiddle.sh -s localhost:1099 --user=myuser --password=mypassword invoke "jboss:type=Service,name=SystemProperties" get myprop
mypropvalue

These arguments work fine except your password is now in clear text and even worse is visible in the process list while it’s executing – in clear text with ‘password=’ conveniently placed for extraction by a simple script!! This seems a bit of an oversight in the tool to me.

To get around this issue in my environment I took the source and modified the main class of twiddle.jar to accept a password from Standard In (patch is below – no promises or guarantees though) which prevents the password showing in your password list and allows you to use standard encryption utilities to decrypt and pipe it into the process without ever making it visible clear text.

You would now invoke as follows:

# this assumes you're in the bin directory of JBoss Home.
mypassword | ./twiddle.sh -s localhost:1099 --user=myuser invoke "jboss:type=Service,name=SystemProperties" get myprop
mypropvalue

or better; from an encrypted password file (or better yet a repository) such as follows:

# this assumes you're in the bin directory of JBoss Home and have previously encrypted your password and encryption key into ~/.<username>.key and ~/.<username>.psw.
KEY=`cat ~/.<execution username>.key`
PWD=`cat ~/.<execution username>.psw | crypt $KEY`

PWD | ./twiddle.sh -s localhost:1099 --user=myuser invoke "jboss:type=Service,name=SystemProperties" get myprop
mypropvalue

to encrypt your password to be used as above you might do:

echo "<password>" | crypt > ~/.<execution username>.psw

which will request an encryption key which you would save as follows (for this example anyway):

cat "<encryption key>" > ~/.<execution username>.key

These files would, of course, be accessable only from your execution user.

Securing the JMX Console

For reference the key files you’re interested in here are:

• conf/login-config.xml
• deploy/jmx-console.war/META-INF/web.xml
• deploy/jmx-console.war/META-INF/jboss-web.xml

Securing the JMX Web Console

For reference the key files you’re interested in here are:

• conf/login-config.xml
• deploy/management/web-console.war/META-INF/web.xml
• deploy/management/web-console.war/META-INF/jboss-web.xml

Stack

These instructions will apply broadly but for reference purposes the stack I have is:

• JBoss 4.2.3.GA
• Java jdk1.6.0_13
• Windows XP or Solaris 10

References

http://www.jboss.org/community/wiki/Twiddle

http://www.jboss.org/community/wiki/jbossserver-aquicktour

https://jira.jboss.org/jira/secure/attachment/12313982/jboss-securejmx.pdf (PDF Document)

Patch For Twiddle to Take Password from StdIn (no promises or guarantees)

Index: src/main/org/jboss/console/twiddle/Twiddle.java
===================================================================
--- src/main/org/jboss/console/twiddle/Twiddle.java    (revision 94201)
+++ src/main/org/jboss/console/twiddle/Twiddle.java    (working copy)
@@ -24,8 +24,10 @@
 import gnu.getopt.Getopt;
 import gnu.getopt.LongOpt;

+import java.io.BufferedReader;
 import java.io.File;
 import java.io.InputStream;
+import java.io.InputStreamReader;
 import java.io.PrintWriter;
 import java.net.MalformedURLException;
 import java.net.URL;
@@ -41,7 +43,6 @@
 import javax.naming.Context;
 import javax.naming.InitialContext;
 import javax.naming.NamingException;
-
 import org.jboss.console.twiddle.command.Command;
 import org.jboss.console.twiddle.command.CommandContext;
 import org.jboss.console.twiddle.command.CommandException;
@@ -148,7 +149,7 @@
 }
 };
 }
-
+
 public Command createCommand(final String name)
 throws NoSuchCommandException, Exception
 {
@@ -383,7 +384,7 @@

 out.println("A JMX client to 'twiddle' with a remote JBoss server.");
 out.println();
-      out.println("usage: " + PROGRAM_NAME + " [options] <command> [command_arguments]");
+      out.println("usage: [echo <password> | ] " + PROGRAM_NAME + " [options] <command> [command_arguments]");
 out.println();
 out.println("options:");
 out.println("    -h, --help                Show this help message");
@@ -397,6 +398,10 @@
 out.println("    -u, --user=<name>         Specify the username for authentication");
 out.println("    -p, --password=<name>     Specify the password for authentication");
 out.println("    -q, --quiet               Be somewhat more quiet");
+      out.println();
+      out.println("A password should be passed in by echoing it and piping it to the command. If you");
+      out.println("use the -p (--password) option your password may be visible in clear text in a ");
+      out.println("process listing such as `ps -ef`.");
 out.flush();
 }

@@ -421,6 +426,28 @@
 Getopt getopt = new Getopt(PROGRAM_NAME, args, sopts, lopts);
 int code;

+        /* Get standard in if it's there - assume it's a password. This is to allow a password to be passed and
+         * prevent it showing in a process listing (e.g. ps -ef in Unix). The -p argument will be ignored if
+         * the password is passed through Standard In.
+         */
+        boolean passwordRetrievedFromStdIn = false;
+        if (System.in.available() > 0) {
+            InputStreamReader inp = new InputStreamReader(System.in);
+            BufferedReader br = new BufferedReader(inp);
+            String stdin = br.readLine();
+
+            if (stdin != null &amp;&amp; stdin.trim().length() > 0) {
+                String password = stdin.trim();
+                SecurityAssociation.setCredential(password);
+
+                passwordRetrievedFromStdIn = true;
+
+                if (log.isDebugEnabled()) {
+                    log.debug("Password retrieved from standard in. Ignoring -p argument.");
+                }
+            }
+        }
+
 PROCESS_ARGUMENTS:

 while ((code = getopt.getopt()) != -1)
@@ -531,8 +558,13 @@
 SecurityAssociation.setPrincipal(new SimplePrincipal(username));
 break;
 case 'p':
-                 String password = getopt.getOptarg();
-                 SecurityAssociation.setCredential(password);
+                  if (!passwordRetrievedFromStdIn) {
+                     String password = getopt.getOptarg();
+                     SecurityAssociation.setCredential(password);
+
+                     log.warn("Password retrieved from -p argument. Your password may be visible in cleartext in a process listing during execution. " +
+                             "Consider using Standard In to enter the password instead (i.e. echo \"password\" | twiddle ...)");
+                  }
 break;

 // Enable quiet operations

 light="true"

There is synchronicity at play here; when we started this blog the other day we were toying with subtitles and one of the ones we considered seriously was a tongue in check ‘awesomeness codified’ (personally I still like this the best even though I didn’t come up with it ). Part of the reason we started this blog is to put stuff out in the public domain to get feedback. To reach out to people who know and understand more than us in the public domain and to share what we’ve found to those close behind us on the curve. We are hoping to get the sort of feedback that will help us move closer to ‘awesomeness’ in software development. We also want to have a place to whinge about things we find annoying .

Each of us is near the top of the chain in our organisation; we have broad and deep skills in many areas of the Java and Java EE space and have been around the block many times in both successful and failed projects; we’ve been shouted at, we’ve worked all night, gotten depressed and received accolades and glory. Also, a large part of our experience has been in banking – which has it’s own world of pain points but can also be a glorious industry to work in for a software developer.

Obviously you take the good with the bad – but how have we kept our heads above water (psychologically) during the bad times – it is because we are passionate about what we do and deep down we are still enjoying the cut and thrust of software development it even when the poo is hitting the fan.

We were discussing recently how much we enjoyed one night a few years ago where we were in the office all night and most of the next day (after a full days work too) because of the intensity of the situation that the business was in. Basically we received in one night far more volume than was expected and we had to ‘massage’ it through systems that were in their infancy and in no way ready to scale to the level of data we had to process. Regardless of how we got into this situation (obviously in an ideal world we might have planned better) we had to now manage it and were on the critical path of a successful or failed year end process (i.e. make or lose lotsa money). This meant that we had some very senior executive director level people in the business right down to the current season of graduate interns and us all working as a unit, in the zone, to get over the line. It was stressful, difficult and tiring but we felt a part of something; we were able to display skills and aptitudes in a very visible way and deliver results instantly, not just the results in managing overburdened systems but in joining business decisions using peripheral skills gained in building software for the business we were a part of. It was an environment of mutual trust and respect with everybody intensely focused on a positive outcome regardless of position or role in the business. This is awesomeness codified.

Anyway, back to the point – we want to become ‘awesome developers’. This doesn’t mean ‘they who know the most api calls in the java.lang package’ or ‘they who can make JBoss sing the national anthem – in a language of your choice (while washing the dishes)’*; it means we want to love what we are doing and to inspire others (in the space) to love what they are doing; it means we want to be able to deliver robust, reusable, reliable and ‘awesome’ solutions better and better every time; it means we accept that someone will always know more than us and that we will strive to meet those people that we might incorporate what they know into delivering better and better solutions; it means we want to be a part of and understand the businesses we work with and within, again so we can deliver better and better solutions; it means we want colleagues (it & business) to say ‘wow, they really care about what they do’.

So this is why we blog. We want the feedback; we want to attract developers who are already awesome – though they may not know it – to help us improve. However, to be brutally honest maybe we just want to be famous .

* we can though, well – maybe not the dishes bit.

On a lighter note – I’m lovin’ the new Ribbon concept in the Windows version. Who ever designed that deserves a pat on the back (and a big bonus). It takes a little getting used to but is just great when your up the learning curve.

If there is some friendly competition between the Word for Mac and the Word for Windows UI teams then I think the Windows team well and truly wins this round.

Jon

PS: If anyone knows how to increase the size of the toolbox or dock it please tell me how. Please – I’m dying here.