
Example 1 with VaultSession

use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.

the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeByDifferentVaultHandler.

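/**
 * Verifies that a secured attribute written through one vault handler can be read back
 * and removed through a second, separately created handler.
 *
 * <p>The second handler comes from {@code createDefaultVaultHandler()} (presumably
 * configured for the same default vault; confirm against that helper), so neither the
 * read nor the removal goes through the session that stored the attribute.
 *
 * @throws Exception if a vault operation or the removal check fails
 */
@Test
public void testRemoveSecuredAttributeByDifferentVaultHandler() throws Exception {
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);

    // Separate handler and session: nothing cached in the writing session can satisfy the read.
    VaultHandler vaultHandler2 = createDefaultVaultHandler();
    VaultSession vaultSession2 = vaultHandler2.getVaultSession();

    // JUnit's order is (message, expected, actual). The stored value is the expectation,
    // so a failure report names the right side as "expected".
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession2.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(vaultSession2, securedAttribute);
}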
Also used : VaultSession(org.jboss.as.security.vault.VaultSession) VaultHandler(org.jboss.as.test.integration.security.common.VaultHandler) Test(org.junit.Test)

Example 2 with VaultSession

use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.

the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeByDifferentVaultSession.

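/**
 * Verifies that a secured attribute is still readable and removable after the vault
 * session has been restarted on the same {@code VaultSession} object.
 *
 * <p>The restart is there because of possible caching: the value read back after
 * {@code startVaultSession} should not depend on state left over from the write.
 *
 * @throws Exception if a vault operation or the removal check fails
 */
@Test
public void testRemoveSecuredAttributeByDifferentVaultSession() throws Exception {
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);

    // Starting new vault session
    vaultSession.startVaultSession(VAULT_ALIAS);

    // JUnit's order is (message, expected, actual). The stored value is the expectation,
    // so a failure report names the right side as "expected".
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(vaultSession, securedAttribute);
}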
Also used : VaultSession(org.jboss.as.security.vault.VaultSession) Test(org.junit.Test)

Example 3 with VaultSession

use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.

the class BasicVaultServerSetupTask method setup.

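/**
 * Replaces the server's vault configuration with a freshly created test vault.
 *
 * <p>Steps, in order: clean the resource directory and keystore, create the vault keystore
 * through {@code VaultHandler}, save the server's current vault options in
 * {@code originalVault}, remove the existing vault when it defines {@code KEYSTORE_URL},
 * open a {@code VaultSession} on the new keystore, store one secured attribute, and add
 * the new vault options to the server model.
 *
 * <p>The salt and iteration count are fixed test-fixture values and are written into the
 * server configuration as-is. They are not suitable settings for a real deployment.
 *
 * @param managementClient client whose controller client executes the management operations
 * @param containerId container identifier; not used by this method
 * @throws Exception if a vault or management operation fails
 */
@Override
public void setup(ManagementClient managementClient, String containerId) throws Exception {
    // One definition of the PBE parameters: the keystore created by VaultHandler, the
    // VaultSession and the SALT/ITERATION_COUNT options must all agree.
    String salt = "87654321";
    int iterationCount = 20;

    // clean directory and keystore
    VaultHandler.cleanFilesystem(RESOURCE_LOCATION, false, KEY_STORE_FILE);
    // create vault keystore
    vaultHandler = new VaultHandler(KEY_STORE_FILE, VAULT_PASSWORD, null, RESOURCE_LOCATION, 128, VAULT_ALIAS, salt, iterationCount);

    // save original vault setting
    LOGGER.trace("Saving original vault setting");
    ModelNode op = Util.getReadAttributeOperation(VAULT_PATH, VAULT_OPTIONS);
    originalVault = (managementClient.getControllerClient().execute(new OperationBuilder(op).build())).get(RESULT);

    // remove original vault
    // NOTE(review): hasDefined(...) alone looks sufficient here; the get(...) != null check
    // is kept unchanged in case later code depends on its effect on originalVault. Confirm.
    if (originalVault.get("KEYSTORE_URL") != null && originalVault.hasDefined("KEYSTORE_URL")) {
        op = Util.createRemoveOperation(VAULT_PATH);
        CoreUtils.applyUpdate(op, managementClient.getControllerClient());
    }

    // create new vault
    LOGGER.trace("Creating new vault");
    String keystoreURL = vaultHandler.getKeyStore();
    String encryptionDirectory = new File(RESOURCE_LOCATION).getAbsolutePath();
    nonInteractiveSession = new VaultSession(keystoreURL, VAULT_PASSWORD, encryptionDirectory, salt, iterationCount);
    nonInteractiveSession.startVaultSession(VAULT_ALIAS);

    // create security attributes
    // Log the attribute name only: VAULT_ATTRIBUTE is the value being stored in the vault,
    // and stored values should not be copied into log output.
    LOGGER.trace("Inserting attribute " + ATTRIBUTE_NAME + " to vault");
    nonInteractiveSession.addSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME, VAULT_ATTRIBUTE.toCharArray());

    // create new vault setting in standalone
    op = Util.createAddOperation(VAULT_PATH);
    ModelNode vaultOption = op.get(VAULT_OPTIONS);
    vaultOption.get("KEYSTORE_URL").set(keystoreURL);
    if (externalVaultPassword != null) {
        // Written to the model exactly as supplied.
        // NOTE(review): confirm callers pass a masked or externally resolved form, not clear text.
        vaultOption.get("KEYSTORE_PASSWORD").set(externalVaultPassword);
    } else {
        vaultOption.get("KEYSTORE_PASSWORD").set(nonInteractiveSession.getKeystoreMaskedPassword());
    }
    vaultOption.get("KEYSTORE_ALIAS").set(VAULT_ALIAS);
    vaultOption.get("SALT").set(salt);
    vaultOption.get("ITERATION_COUNT").set(Integer.toString(iterationCount));
    vaultOption.get("ENC_FILE_DIR").set(encryptionDirectory);
    CoreUtils.applyUpdate(op, managementClient.getControllerClient());
    LOGGER.debug("Vault created in server configuration");
}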
Also used : OperationBuilder(org.jboss.as.controller.client.OperationBuilder) VaultSession(org.jboss.as.security.vault.VaultSession) ModelNode(org.jboss.dmr.ModelNode) File(java.io.File)

Example 4 with VaultSession

use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.

the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeAndAddDifferent.

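/**
 * Verifies that after a secured attribute is removed, a different value can be stored
 * under the same attribute name in the same vault block, read back, and removed again.
 *
 * <p>The second value is written and read through a separately created handler, so the
 * read must return the new value rather than anything left over from the first one.
 *
 * @throws Exception if a vault operation or a removal check fails
 */
@Test
public void testRemoveSecuredAttributeAndAddDifferent() throws Exception {
    // First round: store, read back and remove the original value.
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);
    // JUnit's order is (message, expected, actual). The stored value is the expectation.
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(vaultSession, securedAttribute);

    // Second round: same block and attribute name, different value, separate handler.
    VaultHandler vaultHandler2 = createDefaultVaultHandler();
    VaultSession vaultSession2 = vaultHandler2.getVaultSession();
    securedAttribute = addSecuredAttributeToDefaultVault(vaultSession2, ANOTHER_ATTRIBUTE_VALUE);
    assertArrayEquals("Retrieved secured attribute differs from the saved", ANOTHER_ATTRIBUTE_VALUE,
            vaultSession2.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(vaultSession2, securedAttribute);
}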
Also used : VaultSession(org.jboss.as.security.vault.VaultSession) VaultHandler(org.jboss.as.test.integration.security.common.VaultHandler) Test(org.junit.Test)

Example 5 with VaultSession

use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.

the class RemoveSecuredAttributeTestCase method testRemoveNonExistentSecuredAttribute.

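/**
 * Verifies that removing a secured attribute fails when either the vault block or the
 * attribute name does not match, and that the real attribute stays removable afterwards.
 *
 * <p>Both mismatched calls must return {@code false}. The final removal check runs against
 * the correct identifiers, which also shows that the failed attempts did not delete the
 * stored attribute.
 *
 * @throws Exception if a vault operation or the removal check fails
 */
@Test
public void testRemoveNonExistentSecuredAttribute() throws Exception {
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);

    // JUnit's order is (message, expected, actual). The stored value is the expectation.
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));

    // Wrong block, right name.
    assertFalse("Method returned true and removed secured attribute with wrong vault block identifier. It should return false and shouldn't remove this secured attribute", vaultSession.removeSecuredAttribute(WRONG_VAULT_BLOCK, ATTRIBUTE_NAME));
    // Right block, wrong name.
    assertFalse("Method returned true and removed secured attribute with wrong attribute name. It should return false and shouldn't remove this secured attribute", vaultSession.removeSecuredAttribute(VAULT_BLOCK, WRONG_ATTRIBUTE_NAME));

    assertCorrectAttributeRemoval(vaultSession, securedAttribute);
}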
Also used : VaultSession(org.jboss.as.security.vault.VaultSession) Test(org.junit.Test)

Aggregations

VaultSession (org.jboss.as.security.vault.VaultSession)6 Test (org.junit.Test)5 VaultHandler (org.jboss.as.test.integration.security.common.VaultHandler)2 File (java.io.File)1 OperationBuilder (org.jboss.as.controller.client.OperationBuilder)1 ModelNode (org.jboss.dmr.ModelNode)1