Examples with AttributeDefinition org.jboss.as.controller.AttributeDefinition used on opensource projects

Example 36 with AttributeDefinition

use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.

the class ElytronIntegrationResourceDefinitions method getElytronTrustManagersResourceDefinition.

/**
     * Defines a resource that represents Elytron-compatible trust managers that can be exported by a JSSE-enabled domain
     * in the legacy security subsystem.
     *
     * To export the trust managers the resource uses a {@code BasicAddHandler} implementation that registers the elytron
     * trust-managers capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses
     * the injected {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its
     * configured trust manager array is obtained and returned.
     *
     * The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
     * domain or if the domain doesn't contain a trust store configuration that can be used to build the trust managers.
     *
     * NOTE: The {@code PicketBox} implementation of a {@code JSSESecurityDomain} returns a reference to the key store if
     * a trust store was not configured. This means that the trust managers that it builds will use the configured key store
     * instead of throwing an exception to alert about a missing trust store configuration. So extra care must be taken
     * to ensure that the exported trust managers are being built using the correct trust stores.
     */
public static ResourceDefinition getElytronTrustManagersResourceDefinition() {
    final AttributeDefinition[] attributes = new AttributeDefinition[] { LEGACY_JSSE_CONFIG };
    final AbstractAddStepHandler addHandler = new BasicAddHandler<TrustManager[]>(attributes, TRUST_MANAGERS_RUNTIME_CAPABILITY) {

        @Override
        protected BasicService.ValueSupplier<TrustManager[]> getValueSupplier(ServiceBuilder<TrustManager[]> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyJSSEConfig = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> securityDomainContextInjector = new InjectedValue<>();
            if (legacyJSSEConfig != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyJSSEConfig), SecurityDomainContext.class, securityDomainContextInjector);
            }
            return () -> {
                final SecurityDomainContext domainContext = securityDomainContextInjector.getValue();
                final JSSESecurityDomain jsseDomain = domainContext.getJSSE();
                if (jsseDomain == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyJSSEConfig);
                }
                final TrustManager[] trustManagers = jsseDomain.getTrustManagers();
                if (trustManagers == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("trust manager", legacyJSSEConfig);
                }
                return trustManagers;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_TRUST_MANAGER, addHandler, attributes, TRUST_MANAGERS_RUNTIME_CAPABILITY);
}

Example 37 with AttributeDefinition

use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.

the class ElytronIntegrationResourceDefinitions method getElytronTrustStoreResourceDefinition.

/**
     * Defines a resource that represents an Elytron-compatible trust store that will be exported by a JSSE-enabled domain
     * in the legacy security subsystem.
     *
     * To export the trust store the resource uses a {@code BasicAddHandler} implementation that registers the elytron key-store
     * capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses the injected
     * {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its configured trust
     * store is obtained and returned.
     *
     * NOTE 1: In the Elytron subsystem, both key stores and trust stores are registered using the same capability. This
     * means that the name of the trust store must be unique across all configured trust stores and key stores. If a trust
     * store resource is registered with the same name of a key store resource, an error will occur.
     *
     * The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
     * domain or if the domain doesn't contain a trust store configuration.
     *
     * NOTE 2: The {@code PicketBox} implementation of a {@code JSSESecurityDomain} returns a reference to the key store if
     * a trust store was not configured. So extra care must be taken when that implementation is used (default) as the code
     * will silently export the key store as a trust store instead of throwing an exception to alert about a missing trust
     * store configuration in the legacy JSSE-enabled domain.
     */
public static ResourceDefinition getElytronTrustStoreResourceDefinition() {
    final AttributeDefinition[] attributes = new AttributeDefinition[] { LEGACY_JSSE_CONFIG };
    final AbstractAddStepHandler addHandler = new BasicAddHandler<KeyStore>(attributes, KEY_STORE_RUNTIME_CAPABILITY) {

        @Override
        protected BasicService.ValueSupplier<KeyStore> getValueSupplier(ServiceBuilder<KeyStore> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyJSSEConfig = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> securityDomainContextInjector = new InjectedValue<>();
            if (legacyJSSEConfig != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyJSSEConfig), SecurityDomainContext.class, securityDomainContextInjector);
            }
            return () -> {
                final SecurityDomainContext domainContext = securityDomainContextInjector.getValue();
                final JSSESecurityDomain jsseDomain = domainContext.getJSSE();
                if (jsseDomain == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyJSSEConfig);
                }
                final KeyStore trustStore = jsseDomain.getTrustStore();
                if (trustStore == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("trust store", legacyJSSEConfig);
                }
                return trustStore;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_TRUST_STORE, addHandler, attributes, KEY_STORE_RUNTIME_CAPABILITY);
}

Example 38 with AttributeDefinition

use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.

the class ElytronIntegrationResourceDefinitions method getElytronKeyManagersResourceDefinition.

/**
     * Defines a resource that represents Elytron-compatible key managers that can be exported by a JSSE-enabled domain
     * in the legacy security subsystem.
     *
     * To export the key managers the resource uses a {@code BasicAddHandler} implementation that registers the elytron
     * key-managers capability and implements a {@code org.jboss.as.security.elytron.BasicService.ValueSupplier} that uses
     * the injected {@code SecurityDomainContext} to obtain a {@code JSSESecurityDomain}. If such domain is found, its
     * configured key manager array is obtained and returned.
     *
     * The {@code ValueSupplier} implementation throws an exception if the referenced legacy domain is not a JSSE-enabled
     * domain or if the domain doesn't contain a key store configuration that can be used to build the key managers.
     */
public static ResourceDefinition getElytronKeyManagersResourceDefinition() {
    final AttributeDefinition[] attributes = new AttributeDefinition[] { LEGACY_JSSE_CONFIG };
    final AbstractAddStepHandler addHandler = new BasicAddHandler<KeyManager[]>(attributes, KEY_MANAGERS_RUNTIME_CAPABILITY) {

        @Override
        protected BasicService.ValueSupplier<KeyManager[]> getValueSupplier(ServiceBuilder<KeyManager[]> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String legacyJSSEConfig = asStringIfDefined(context, LEGACY_JSSE_CONFIG, model);
            final InjectedValue<SecurityDomainContext> securityDomainContextInjector = new InjectedValue<>();
            if (legacyJSSEConfig != null) {
                serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyJSSEConfig), SecurityDomainContext.class, securityDomainContextInjector);
            }
            return () -> {
                final SecurityDomainContext domainContext = securityDomainContextInjector.getValue();
                final JSSESecurityDomain jsseDomain = domainContext.getJSSE();
                if (jsseDomain == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyJSSEConfig);
                }
                final KeyManager[] keyManagers = jsseDomain.getKeyManagers();
                if (keyManagers == null) {
                    throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("key manager", legacyJSSEConfig);
                }
                return keyManagers;
            };
        }
    };
    return new BasicResourceDefinition(Constants.ELYTRON_KEY_MANAGER, addHandler, attributes, KEY_MANAGERS_RUNTIME_CAPABILITY);
}

Example 39 with AttributeDefinition

use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.

the class EjbJarRuntimeResourceTestBase method validatePool.

private void validatePool(ModelNode address, ModelNode resourceDescription, ModelNode resource) {
    for (AttributeDefinition attr : POOL_ATTRIBUTES) {
        final String name = attr.getName();
        final ModelType expectedType = attr.getType();
        assertTrue(resourceDescription.get(ATTRIBUTES, name).isDefined());
        assertEquals(ModelType.STRING, resourceDescription.get(ATTRIBUTES, name, DESCRIPTION).getType());
        assertEquals(expectedType, resourceDescription.get(ATTRIBUTES, name, TYPE).asType());
        assertTrue(name + " is not defined", resource.get(name).isDefined());
        assertEquals(expectedType, resource.get(name).getType());
    }
}

Example 40 with AttributeDefinition

use of org.jboss.as.controller.AttributeDefinition in project wildfly by wildfly.

the class EjbJarRuntimeResourceTestBase method testComponent.

/*
    TODO implement a test of entity beans
    @Test
    public void testEntityBean() throws Exception {
        testComponent(EJBComponentType.ENTITY, ???.class.getSimpleName());
    }
    */
private void testComponent(EJBComponentType type, String name, boolean expectTimer) throws Exception {
    ModelNode address = getComponentAddress(type, name).toModelNode();
    address.protect();
    ModelNode resourceDescription = executeOperation(managementClient, ModelDescriptionConstants.READ_RESOURCE_DESCRIPTION_OPERATION, address);
    ModelNode resource = executeOperation(managementClient, ModelDescriptionConstants.READ_RESOURCE_OPERATION, address);
    assertTrue(resourceDescription.get(ATTRIBUTES, COMPONENT_CLASS_NAME.getName()).isDefined());
    assertEquals(ModelType.STRING, resourceDescription.get(ATTRIBUTES, COMPONENT_CLASS_NAME.getName(), DESCRIPTION).getType());
    assertEquals(ModelType.STRING, resourceDescription.get(ATTRIBUTES, COMPONENT_CLASS_NAME.getName(), TYPE).asType());
    assertTrue(resource.get(COMPONENT_CLASS_NAME.getName()).isDefined());
    validateSecurity(address, resourceDescription, resource);
    if (type.hasPool()) {
        validatePool(address, resourceDescription, resource);
    } else {
        for (AttributeDefinition attr : POOL_ATTRIBUTES) {
            assertFalse(resourceDescription.get(ModelDescriptionConstants.ATTRIBUTES).has(attr.getName()));
            assertFalse(resource.has(attr.getName()));
        }
    }
    if (type.hasTimer()) {
        validateTimer(address, resourceDescription, resource, expectTimer);
    } else {
        assertFalse(resourceDescription.get(ModelDescriptionConstants.ATTRIBUTES).has(TimerAttributeDefinition.INSTANCE.getName()));
        assertFalse(resource.has(TimerAttributeDefinition.INSTANCE.getName()));
    }
}