
Example 1 with URL

use of org.jboss.as.security.Constants.URL in project wildfly by wildfly.

the class WebCERTTestsSecurityDomainSetup method setup.

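/**
 * Prepares the server for the client-certificate web tests.
 *
 * <p>After delegating to {@code super.setup}, three management updates are built and applied:
 * <ol>
 *   <li>a composite operation that adds the {@code APP_SECURITY_DOMAIN} security domain with a
 *       classic authentication stack holding one required {@code CertificateRoles} login module,
 *       plus a classic JSSE element whose truststore is {@code security/jsse.keystore};</li>
 *   <li>the {@code https-test} socket binding on the {@code public} interface, port 8380;</li>
 *   <li>an Undertow {@code https-listener} named {@code testConnector} that uses the
 *       {@code ssl-cert-realm} security realm with {@code verify-client} set to
 *       {@code REQUIRED}.</li>
 * </ol>
 * The server is then reloaded.
 *
 * <p>Security notes: the truststore password is the literal {@code "changeit"}, so the keystores
 * under {@code security/} are test fixtures only and must not be reused for real deployments.
 * Any failure is logged and not rethrown (see the catch block).
 *
 * @param managementClient client used to apply the management operations and to reload the server
 * @param containerId container identifier, passed through to {@code super.setup}
 */
@Override
public void setup(ManagementClient managementClient, String containerId) {
    try {
        super.setup(managementClient, containerId);
        log.debug("start of the domain creation");
        ClassLoader tccl = Thread.currentThread().getContextClassLoader();
        // getResource returns null for a missing resource; fail with a message that names the
        // resource instead of a bare NullPointerException further down.
        URL keystore = tccl.getResource("security/jsse.keystore");
        if (keystore == null) {
            throw new IllegalStateException("Resource security/jsse.keystore not found via the context class loader");
        }
        URL roles = getClass().getResource("cert/roles.properties");
        if (roles == null) {
            throw new IllegalStateException("Resource cert/roles.properties not found relative to " + getClass().getName());
        }
        final List<ModelNode> updates = new ArrayList<ModelNode>();

        // Composite operation: security domain + classic authentication + login module + JSSE.
        final ModelNode compositeOp = new ModelNode();
        compositeOp.get(OP).set(COMPOSITE);
        compositeOp.get(OP_ADDR).setEmptyList();
        final ModelNode domainSteps = compositeOp.get(STEPS);
        PathAddress address = PathAddress.pathAddress().append(SUBSYSTEM, "security").append(SECURITY_DOMAIN, APP_SECURITY_DOMAIN);
        domainSteps.add(Util.createAddOperation(address));
        address = address.append(Constants.AUTHENTICATION, Constants.CLASSIC);
        domainSteps.add(Util.createAddOperation(address));

        // The only login module in the stack, flagged "required".
        ModelNode loginModule = Util.createAddOperation(address.append(LOGIN_MODULE, "CertificateRoles"));
        loginModule.get(CODE).set("CertificateRoles");
        loginModule.get(FLAG).set("required");
        ModelNode moduleOptions = loginModule.get(MODULE_OPTIONS);
        moduleOptions.add("securityDomain", APP_SECURITY_DOMAIN);
        // NOTE(review): URL.getPath() does not decode percent-escapes, so a checkout path with
        // spaces or non-ASCII characters may yield a file path the server cannot open - confirm.
        moduleOptions.add("rolesProperties", roles.getPath());
        domainSteps.add(loginModule);

        // Add the JSSE security domain.
        address = PathAddress.pathAddress().append(SUBSYSTEM, "security").append(SECURITY_DOMAIN, APP_SECURITY_DOMAIN);
        ModelNode op = Util.createAddOperation(address.append(JSSE, Constants.CLASSIC));
        // Hard-coded fixture password; acceptable only because the keystore is a test resource.
        op.get(TRUSTSTORE, PASSWORD).set("changeit");
        // Here URL is the attribute-name constant (Constants.URL), not the java.net.URL type.
        op.get(TRUSTSTORE, URL).set(keystore.getPath());
        domainSteps.add(op);
        updates.add(compositeOp);

        // Add the HTTPS socket binding.
        op = new ModelNode();
        op.get(OP).set(ADD);
        op.get(OP_ADDR).add("socket-binding-group", "standard-sockets");
        op.get(OP_ADDR).add("socket-binding", "https-test");
        op.get("interface").set("public");
        op.get("port").set(8380);
        updates.add(op);

        // Add the HTTPS connector.
        final ModelNode composite = Util.getEmptyOperation(COMPOSITE, new ModelNode());
        final ModelNode steps = composite.get(STEPS);
        op = new ModelNode();
        op.get(OP).set(ADD);
        op.get(OP_ADDR).add(SUBSYSTEM, "undertow");
        op.get(OP_ADDR).add("server", "default-server");
        op.get(OP_ADDR).add("https-listener", "testConnector");
        op.get("socket-binding").set("https-test");
        op.get("enabled").set(true);
        op.get("security-realm").set("ssl-cert-realm");
        // The listener is configured to require a client certificate on every connection.
        op.get("verify-client").set("REQUIRED");
        steps.add(op);
        updates.add(composite);

        applyUpdates(managementClient.getControllerClient(), updates);
        log.debug("end of the domain creation");
        ServerReload.executeReloadAndWaitForCompletion(managementClient.getControllerClient());
    } catch (Exception e) {
        // NOTE(review): the failure is only logged, so setup returns normally even when the
        // security domain or HTTPS listener was not created. Tests that follow would then run
        // against a server without the intended certificate checks; consider rethrowing.
        log.error("Failed to setup domain creation.", e);
    }
}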
Also used : PathAddress(org.jboss.as.controller.PathAddress) ArrayList(java.util.ArrayList) ModelNode(org.jboss.dmr.ModelNode) URL(java.net.URL) URL(org.jboss.as.security.Constants.URL)

Example 2 with URL

use of org.jboss.as.security.Constants.URL in project wildfly by wildfly.

the class WebCERTTestsSecurityDomainSetup method getSecurityRealms.

/**
 * Describes the single security realm, {@code ssl-cert-realm}, used by the HTTPS test listener.
 *
 * <p>The realm's server identity is backed by {@code security/server.keystore} and its
 * authentication truststore by {@code security/jsse.keystore}; both are looked up through the
 * thread context class loader and both use the literal fixture password {@code "changeit"}.
 * If either resource is missing, {@code getResource} returns {@code null} and the subsequent
 * {@code getPath()} call fails with a {@link NullPointerException}.
 *
 * @return a one-element array holding the {@code ssl-cert-realm} definition
 * @throws Exception declared by the overridden method; nothing in this body throws a checked
 *         exception explicitly
 */
@Override
protected SecurityRealm[] getSecurityRealms() throws Exception {
    final ClassLoader contextLoader = Thread.currentThread().getContextClassLoader();
    final URL identityStoreUrl = contextLoader.getResource("security/server.keystore");
    final URL trustStoreUrl = contextLoader.getResource("security/jsse.keystore");

    // Server identity: the key material the listener presents to clients.
    final RealmKeystore identityStore = new RealmKeystore.Builder()
            .keystorePassword("changeit")
            .keystorePath(identityStoreUrl.getPath())
            .build();
    // Truststore: the certificates against which client certificates are checked.
    final RealmKeystore trustStore = new RealmKeystore.Builder()
            .keystorePassword("changeit")
            .keystorePath(trustStoreUrl.getPath())
            .build();

    final ServerIdentity serverIdentity = new ServerIdentity.Builder().ssl(identityStore).build();
    final Authentication authentication = new Authentication.Builder().truststore(trustStore).build();

    final SecurityRealm sslCertRealm = new SecurityRealm.Builder()
            .name("ssl-cert-realm")
            .serverIdentity(serverIdentity)
            .authentication(authentication)
            .build();
    return new SecurityRealm[] { sslCertRealm };
}
Also used : ServerIdentity(org.jboss.as.test.integration.security.common.config.realm.ServerIdentity) RealmKeystore(org.jboss.as.test.integration.security.common.config.realm.RealmKeystore) SecurityRealm(org.jboss.as.test.integration.security.common.config.realm.SecurityRealm) OperationBuilder(org.jboss.as.controller.client.OperationBuilder) URL(java.net.URL) URL(org.jboss.as.security.Constants.URL)
