use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.
the class AlternativeAttributeValidationStepHandler method validateAlternatives.
/**
 * Checks that at most one of this handler's alternative attributes is defined in the resource model,
 * and that one is present when the handler is marked as required.
 *
 * The model is read from the resource at {@code EMPTY_ADDRESS}; the address taken from the operation is
 * used only to name the resource in the failure message.
 *
 * @param context   the operation context used to read the resource and to resolve the attribute value
 * @param operation the operation being executed; must carry an {@code OP_ADDR} entry
 * @throws OperationFailedException declared for the failures built by {@code ROOT_LOGGER} and for
 *         attribute resolution (exact exception types are not visible here)
 */
protected void validateAlternatives(OperationContext context, ModelNode operation) throws OperationFailedException {
    final ModelNode model = context.readResource(EMPTY_ADDRESS, false).getModel();
    final PathAddress address = PathAddress.pathAddress(operation.require(OP_ADDR));

    // Resolved value of the single alternative found so far; stays null until one is seen.
    // NOTE(review): relies on resolveModelAttribute never returning null, otherwise a defined
    // attribute would be treated as absent by the checks below — confirm.
    ModelNode resolvedAlternative = null;
    for (AttributeDefinition candidate : this.attributes) {
        final String attributeName = candidate.getName();
        if (!model.hasDefined(attributeName)) {
            continue;
        }
        if (resolvedAlternative != null) {
            // A second alternative is defined on the same resource: fail instead of silently
            // preferring one of two conflicting settings.
            throw ROOT_LOGGER.invalidAlternativeAttributeOccurrence(attributeName, address.getLastElement().toString(), getAttributeNames());
        }
        resolvedAlternative = candidate.resolveModelAttribute(context, model);
    }

    if (resolvedAlternative == null && this.required) {
        throw ROOT_LOGGER.requiredAlternativeAttributes(address.getLastElement().toString(), getAttributeNames());
    }
}
use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.
the class AbstractIDMResourceDefinition method createAttributeWriterHandler.
/**
 * Creates the write-attribute handler for this resource.
 *
 * The returned handler wraps {@code IDMConfigWriteAttributeHandler}: when alternative attributes are
 * declared it first queues an {@code AlternativeAttributeValidationStepHandler} in the MODEL stage, then
 * registers the model write handler and delegates to the parent implementation.
 *
 * @return the handler used for write-attribute operations on this resource
 */
@Override
protected OperationStepHandler createAttributeWriterHandler() {
    final List<SimpleAttributeDefinition> writableAttributes = getAttributes();
    final List<AttributeDefinition> alternatives = getAlternativesAttributes();
    final AttributeDefinition[] handled = writableAttributes.toArray(new AttributeDefinition[writableAttributes.size()]);
    return new IDMConfigWriteAttributeHandler(handled) {
        @Override
        public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
            if (!alternatives.isEmpty()) {
                // The array is built per execution so it reflects the list contents at call time.
                final AttributeDefinition[] toValidate = alternatives.toArray(new AttributeDefinition[alternatives.size()]);
                // Queue the mutual-exclusion check so a write cannot leave conflicting alternatives in the model.
                context.addStep(new AlternativeAttributeValidationStepHandler(toValidate), OperationContext.Stage.MODEL);
            }
            doRegisterModelWriteAttributeHandler(context, operation);
            super.execute(context, operation);
        }
    };
}
use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.
the class ElytronIntegrationResourceDefinitions method getElytronTrustManagersResourceDefinition.
/**
* Defines a resource that represents Elytron-compatible trust managers that can be exported by a JSSE-enabled domain
* in the legacy security subsystem.
*
* To export the trust managers the resource uses a {@code BasicAddHandler} implementation that registers the elytron
* trust-managers capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses
* the injected {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its
* configured trust manager array is obtained and returned.
*
* The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
* domain or if the domain doesn't contain a trust store configuration that can be used to build the trust managers.
*
* NOTE: The {@code PicketBox} implementation of a {@code JSSESecurityDomain} returns a reference to the key store if
* a trust store was not configured. This means that the trust managers that it builds will use the configured key store
* instead of throwing an exception to alert about a missing trust store configuration. So extra care must be taken
* to ensure that the exported trust managers are being built using the correct trust stores.
*/
public static ResourceDefinition getElytronTrustManagersResourceDefinition() {
    final AttributeDefinition[] attributes = { LEGACY_JSSE_CONFIG };
    final AbstractAddStepHandler addHandler = new BasicAddHandler<TrustManager[]>(attributes, TRUST_MANAGERS_RUNTIME_CAPABILITY) {
        @Override
        protected BasicService.ValueSupplier<TrustManager[]> getValueSupplier(ServiceBuilder<TrustManager[]> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyDomainName = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> domainContextInjector = new InjectedValue<>();
            // The dependency on the legacy security domain service is wired only when the attribute has a value.
            // NOTE(review): if LEGACY_JSSE_CONFIG is undefined nothing is injected and the supplier below
            // reads an un-injected value — confirm the attribute is declared as required.
            if (legacyDomainName != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyDomainName), SecurityDomainContext.class, domainContextInjector);
            }
            return () -> {
                final JSSESecurityDomain jsseDomain = domainContextInjector.getValue().getJSSE();
                if (jsseDomain == null) {
                    // The referenced legacy domain is not JSSE-enabled.
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomainName);
                }
                final TrustManager[] exportedTrustManagers = jsseDomain.getTrustManagers();
                // Per the method Javadoc, the PicketBox domain falls back to the key store when no trust
                // store is configured, so this null check does not detect a missing trust store there;
                // the legacy domain's trust store configuration has to be verified separately.
                if (exportedTrustManagers == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("trust manager", legacyDomainName);
                }
                return exportedTrustManagers;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_TRUST_MANAGER, addHandler, attributes, TRUST_MANAGERS_RUNTIME_CAPABILITY);
}
use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.
the class ElytronIntegrationResourceDefinitions method getElytronTrustStoreResourceDefinition.
/**
* Defines a resource that represents an Elytron-compatible trust store that will be exported by a JSSE-enabled domain
* in the legacy security subsystem.
*
* To export the trust store the resource uses a {@code BasicAddHandler} implementation that registers the elytron key-store
* capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses the injected
* {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its configured trust
* store is obtained and returned.
*
* NOTE 1: In the Elytron subsystem, both key stores and trust stores are registered using the same capability. This
* means that the name of the trust store must be unique across all configured trust stores and key stores. If a trust
* store resource is registered with the same name as a key store resource, an error will occur.
*
* The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
* domain or if the domain doesn't contain a trust store configuration.
*
* NOTE 2: The {@code PicketBox} implementation of a {@code JSSESecurityDomain} returns a reference to the key store if
* a trust store was not configured. So extra care must be taken when that implementation is used (default) as the code
* will silently export the key store as a trust store instead of throwing an exception to alert about a missing trust
* store configuration in the legacy JSSE-enabled domain.
*/
public static ResourceDefinition getElytronTrustStoreResourceDefinition() {
    final AttributeDefinition[] attributes = { LEGACY_JSSE_CONFIG };
    // Registered under the key-store capability: trust stores and key stores share one capability namespace.
    final AbstractAddStepHandler addHandler = new BasicAddHandler<KeyStore>(attributes, KEY_STORE_RUNTIME_CAPABILITY) {
        @Override
        protected BasicService.ValueSupplier<KeyStore> getValueSupplier(ServiceBuilder<KeyStore> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyDomainName = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> domainContextInjector = new InjectedValue<>();
            // The dependency on the legacy security domain service is wired only when the attribute has a value.
            // NOTE(review): if LEGACY_JSSE_CONFIG is undefined nothing is injected and the supplier below
            // reads an un-injected value — confirm the attribute is declared as required.
            if (legacyDomainName != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyDomainName), SecurityDomainContext.class, domainContextInjector);
            }
            return () -> {
                final JSSESecurityDomain jsseDomain = domainContextInjector.getValue().getJSSE();
                if (jsseDomain == null) {
                    // The referenced legacy domain is not JSSE-enabled.
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomainName);
                }
                final KeyStore exportedTrustStore = jsseDomain.getTrustStore();
                // Per the method Javadoc, the default PicketBox domain returns its key store when no trust
                // store is configured, so this check will not fire in that case and the key store would be
                // exported as a trust store; verify the legacy domain's trust store configuration separately.
                if (exportedTrustStore == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("trust store", legacyDomainName);
                }
                return exportedTrustStore;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_TRUST_STORE, addHandler, attributes, KEY_STORE_RUNTIME_CAPABILITY);
}
use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.
the class ElytronIntegrationResourceDefinitions method getElytronKeyManagersResourceDefinition.
/**
* Defines a resource that represents Elytron-compatible key managers that can be exported by a JSSE-enabled domain
* in the legacy security subsystem.
*
* To export the key managers the resource uses a {@code BasicAddHandler} implementation that registers the elytron
* key-managers capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses
* the injected {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its
* configured key manager array is obtained and returned.
*
* The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
* domain or if the domain doesn't contain a key store configuration that can be used to build the key managers.
*/
public static ResourceDefinition getElytronKeyManagersResourceDefinition() {
    final AttributeDefinition[] attributes = { LEGACY_JSSE_CONFIG };
    final AbstractAddStepHandler addHandler = new BasicAddHandler<KeyManager[]>(attributes, KEY_MANAGERS_RUNTIME_CAPABILITY) {
        @Override
        protected BasicService.ValueSupplier<KeyManager[]> getValueSupplier(ServiceBuilder<KeyManager[]> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyDomainName = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> domainContextInjector = new InjectedValue<>();
            // The dependency on the legacy security domain service is wired only when the attribute has a value.
            // NOTE(review): if LEGACY_JSSE_CONFIG is undefined nothing is injected and the supplier below
            // reads an un-injected value — confirm the attribute is declared as required.
            if (legacyDomainName != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyDomainName), SecurityDomainContext.class, domainContextInjector);
            }
            return () -> {
                final JSSESecurityDomain jsseDomain = domainContextInjector.getValue().getJSSE();
                if (jsseDomain == null) {
                    // The referenced legacy domain is not JSSE-enabled.
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomainName);
                }
                final KeyManager[] exportedKeyManagers = jsseDomain.getKeyManagers();
                // A null array is treated as "no key store configuration usable for key managers".
                if (exportedKeyManagers == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("key manager", legacyDomainName);
                }
                return exportedKeyManagers;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_KEY_MANAGER, addHandler, attributes, KEY_MANAGERS_RUNTIME_CAPABILITY);
}