use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.
the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeByDifferentVaultHandler.
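/**
 * Checks that a secured attribute written through one vault handler can be read back and
 * removed through a second, separately created handler.
 *
 * The attribute is stored via the session of the shared {@code vaultHandler}; every later
 * read and the removal go through the session of the handler returned by
 * {@code createDefaultVaultHandler()}.
 *
 * @throws Exception if any vault operation fails
 */
@Test
public void testRemoveSecuredAttributeByDifferentVaultHandler() throws Exception {
    VaultSession writerSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(writerSession, ATTRIBUTE_VALUE);

    // NOTE(review): presumably the second handler opens the same keystore and encryption
    // directory as the first - confirm in createDefaultVaultHandler().
    VaultHandler vaultHandler2 = createDefaultVaultHandler();
    VaultSession readerSession = vaultHandler2.getVaultSession();

    // JUnit's argument order is (message, expected, actual); the stored constant is the
    // expected side so a failure report labels the two values correctly.
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            readerSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(readerSession, securedAttribute);
}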
use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.
the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeByDifferentVaultSession.
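/**
 * Checks that a secured attribute survives a restart of the vault session and can still be
 * removed afterwards, guarding against stale state cached by the session.
 *
 * The same {@code VaultSession} object is reused; it is restarted with
 * {@code startVaultSession(VAULT_ALIAS)} between the write and the read.
 *
 * @throws Exception if any vault operation fails
 */
@Test
public void testRemoveSecuredAttributeByDifferentVaultSession() throws Exception {
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);

    // Restart the session on the same object so the read below runs after a fresh start.
    vaultSession.startVaultSession(VAULT_ALIAS);

    // JUnit's argument order is (message, expected, actual); the stored constant is the
    // expected side so a failure report labels the two values correctly.
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(vaultSession, securedAttribute);
}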
use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.
the class BasicVaultServerSetupTask method setup.
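/**
 * Replaces the server's vault configuration with a freshly created test vault that holds one
 * secured attribute.
 *
 * Steps: clean the vault directory and keystore, create a new keystore through
 * {@code VaultHandler}, remember the server's current vault options in {@code originalVault},
 * remove the existing vault resource when it has a {@code KEYSTORE_URL}, store the attribute
 * through a non-interactive {@code VaultSession}, and finally add the new vault resource to
 * the server configuration.
 *
 * The keystore password written to the server is {@code externalVaultPassword} when that
 * field is set, otherwise the masked password produced by the vault session.
 *
 * @param managementClient client used to read and update the server configuration
 * @param containerId      container identifier; not used by this method
 * @throws Exception if a filesystem, vault or management operation fails
 */
@Override
public void setup(ManagementClient managementClient, String containerId) throws Exception {
    // Fixed salt and a very low iteration count: acceptable only because this is a throwaway
    // test vault. Both values are also written into the server configuration next to the
    // masked keystore password (see the SALT / ITERATION_COUNT options below), so the masked
    // form must not be treated as protecting the password from anyone who can read that
    // configuration.
    String salt = "87654321";
    int iterationCount = 20;

    // clean directory and keystore
    VaultHandler.cleanFilesystem(RESOURCE_LOCATION, false, KEY_STORE_FILE);

    // create vault keystore
    // NOTE(review): 128 is presumably the key size - confirm against VaultHandler's constructor.
    vaultHandler = new VaultHandler(KEY_STORE_FILE, VAULT_PASSWORD, null, RESOURCE_LOCATION, 128, VAULT_ALIAS, salt, iterationCount);

    // save original vault setting
    LOGGER.trace("Saving original vault setting");
    ModelNode op = Util.getReadAttributeOperation(VAULT_PATH, VAULT_OPTIONS);
    originalVault = (managementClient.getControllerClient().execute(new OperationBuilder(op).build())).get(RESULT);

    // remove original vault
    // NOTE(review): hasDefined() looks like the effective check here; the null comparison is
    // kept unchanged because get() may also touch originalVault - confirm before simplifying.
    if (originalVault.get("KEYSTORE_URL") != null && originalVault.hasDefined("KEYSTORE_URL")) {
        op = Util.createRemoveOperation(VAULT_PATH);
        CoreUtils.applyUpdate(op, managementClient.getControllerClient());
    }

    // create new vault
    LOGGER.trace("Creating new vault");
    String keystoreURL = vaultHandler.getKeyStore();
    String encryptionDirectory = new File(RESOURCE_LOCATION).getAbsolutePath();
    nonInteractiveSession = new VaultSession(keystoreURL, VAULT_PASSWORD, encryptionDirectory, salt, iterationCount);
    nonInteractiveSession.startVaultSession(VAULT_ALIAS);

    // create security attributes
    // Log which attribute is stored, not its value: VAULT_ATTRIBUTE is the secret that goes
    // into the vault and should not appear in cleartext in trace logs.
    LOGGER.trace("Inserting attribute " + ATTRIBUTE_NAME + " to vault block " + VAULT_BLOCK);
    nonInteractiveSession.addSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME, VAULT_ATTRIBUTE.toCharArray());

    // create new vault setting in standalone
    op = Util.createAddOperation(VAULT_PATH);
    ModelNode vaultOption = op.get(VAULT_OPTIONS);
    vaultOption.get("KEYSTORE_URL").set(keystoreURL);
    if (externalVaultPassword != null) {
        // Caller-supplied password form is passed through unchanged.
        vaultOption.get("KEYSTORE_PASSWORD").set(externalVaultPassword);
    } else {
        vaultOption.get("KEYSTORE_PASSWORD").set(nonInteractiveSession.getKeystoreMaskedPassword());
    }
    vaultOption.get("KEYSTORE_ALIAS").set(VAULT_ALIAS);
    vaultOption.get("SALT").set(salt);
    vaultOption.get("ITERATION_COUNT").set(Integer.toString(iterationCount));
    vaultOption.get("ENC_FILE_DIR").set(encryptionDirectory);
    CoreUtils.applyUpdate(op, managementClient.getControllerClient());
    LOGGER.debug("Vault created in server configuration");
}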
use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.
the class RemoveSecuredAttributeTestCase method testRemoveSecuredAttributeAndAddDifferent.
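/**
 * Checks that after a secured attribute is removed, a different value can be stored under the
 * same attribute name in the same vault block, read back, and removed again.
 *
 * The first add/read/remove cycle uses the session of the shared {@code vaultHandler}; the
 * second cycle uses the session of a handler created by {@code createDefaultVaultHandler()},
 * so the read must return the new value rather than the removed one.
 *
 * @throws Exception if any vault operation fails
 */
@Test
public void testRemoveSecuredAttributeAndAddDifferent() throws Exception {
    // First cycle: store, verify and remove the original value.
    VaultSession firstSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(firstSession, ATTRIBUTE_VALUE);
    // JUnit's argument order is (message, expected, actual).
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            firstSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(firstSession, securedAttribute);

    // Second cycle: same block and name, different value, through a separate handler.
    VaultHandler vaultHandler2 = createDefaultVaultHandler();
    VaultSession secondSession = vaultHandler2.getVaultSession();
    securedAttribute = addSecuredAttributeToDefaultVault(secondSession, ANOTHER_ATTRIBUTE_VALUE);
    assertArrayEquals("Retrieved secured attribute differs from the saved", ANOTHER_ATTRIBUTE_VALUE,
            secondSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));
    assertCorrectAttributeRemoval(secondSession, securedAttribute);
}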
use of org.jboss.as.security.vault.VaultSession in project wildfly by wildfly.
the class RemoveSecuredAttributeTestCase method testRemoveNonExistentSecuredAttribute.
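/**
 * Checks that removing a secured attribute with a wrong vault block or a wrong attribute name
 * is rejected and leaves the real attribute in place.
 *
 * Both removal attempts must return {@code false}; the stored value is then read again to
 * confirm it was not deleted, and finally removed with the correct identifiers.
 *
 * @throws Exception if any vault operation fails
 */
@Test
public void testRemoveNonExistentSecuredAttribute() throws Exception {
    VaultSession vaultSession = vaultHandler.getVaultSession();
    String securedAttribute = addSecuredAttributeToDefaultVault(vaultSession, ATTRIBUTE_VALUE);
    // JUnit's argument order is (message, expected, actual).
    assertArrayEquals("Retrieved secured attribute differs from the saved", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));

    assertFalse("Method returned true and removed secured attribute with wrong vault block identifier. It should return false and shouldn't remove this secured attribute", vaultSession.removeSecuredAttribute(WRONG_VAULT_BLOCK, ATTRIBUTE_NAME));
    assertFalse("Method returned true and removed secured attribute with wrong attribute name. It should return false and shouldn't remove this secured attribute", vaultSession.removeSecuredAttribute(VAULT_BLOCK, WRONG_ATTRIBUTE_NAME));

    // A false return value alone does not prove the entry is untouched; read it back so a
    // removal that deletes the attribute but still reports failure is caught here.
    assertArrayEquals("Secured attribute changed after removal attempts with wrong identifiers", ATTRIBUTE_VALUE,
            vaultSession.retrieveSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME));

    assertCorrectAttributeRemoval(vaultSession, securedAttribute);
}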