
Example 1 with SecurityModule

use of org.jboss.as.test.integration.security.common.config.SecurityModule in project wildfly by wildfly.

the class AbstractSecurityDomainsServerSetupTask method createJaspiAuthnNodes.

// Private methods -------------------------------------------------------
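/**
 * Creates the management operations that add the authentication=jaspi resource of a security domain together
 * with its auth-module and login-module-stack child resources.
 *
 * @param securityConfigurations JASPI configuration; may be {@code null}
 * @param domainName name of the security domain the operations are addressed to
 * @return the add operations in creation order, or {@code null} if {@code securityConfigurations} is {@code null}
 * @throws IllegalArgumentException if the configuration has no auth modules or no login module stacks
 */
private List<ModelNode> createJaspiAuthnNodes(JaspiAuthn securityConfigurations, String domainName) {
    if (securityConfigurations == null) {
        LOGGER.trace("No security configuration for JASPI module.");
        return null;
    }
    if (securityConfigurations.getAuthnModules() == null || securityConfigurations.getAuthnModules().length == 0 || securityConfigurations.getLoginModuleStacks() == null || securityConfigurations.getLoginModuleStacks().length == 0) {
        throw new IllegalArgumentException("Missing mandatory part of JASPI configuration in the security domain.");
    }
    final List<ModelNode> steps = new ArrayList<ModelNode>();
    PathAddress domainAddress = PathAddress.pathAddress().append(SUBSYSTEM, SUBSYSTEM_SECURITY).append(SECURITY_DOMAIN, domainName);
    PathAddress jaspiAddress = domainAddress.append(org.jboss.as.test.integration.security.common.Constants.AUTHENTICATION, org.jboss.as.test.integration.security.common.Constants.JASPI);
    // The parent resource is added first so the child add operations below have something to attach to.
    steps.add(Util.createAddOperation(jaspiAddress));
    for (final AuthnModule config : securityConfigurations.getAuthnModules()) {
        // NOTE(review): this relies on AuthnModule.toString(); confirm it does not print option values.
        LOGGER.trace("Adding auth-module: " + config);
        final ModelNode securityModuleNode = Util.createAddOperation(jaspiAddress.append(AUTH_MODULE, config.getName()));
        steps.add(securityModuleNode);
        securityModuleNode.get(ModelDescriptionConstants.CODE).set(config.getName());
        // Optional attributes are written only when configured; no default flag is applied to auth modules here.
        if (config.getFlag() != null) {
            securityModuleNode.get(FLAG).set(config.getFlag());
        }
        if (config.getModule() != null) {
            securityModuleNode.get(org.jboss.as.test.integration.security.common.Constants.MODULE).set(config.getModule());
        }
        if (config.getLoginModuleStackRef() != null) {
            securityModuleNode.get(org.jboss.as.test.integration.security.common.Constants.LOGIN_MODULE_STACK_REF).set(config.getLoginModuleStackRef());
        }
        Map<String, String> configOptions = config.getOptions();
        if (configOptions == null) {
            LOGGER.trace("No module options provided.");
            configOptions = Collections.emptyMap();
        }
        final ModelNode moduleOptionsNode = securityModuleNode.get(MODULE_OPTIONS);
        for (final Map.Entry<String, String> entry : configOptions.entrySet()) {
            final String optionName = entry.getKey();
            moduleOptionsNode.add(optionName, entry.getValue());
            if (LOGGER.isDebugEnabled()) {
                // Module option values can carry credentials (passwords, bind secrets), so only the name is logged.
                LOGGER.debug("Adding module option [" + optionName + "]");
            }
        }
    }
    for (final LoginModuleStack lmStack : securityConfigurations.getLoginModuleStacks()) {
        PathAddress lmStackAddress = jaspiAddress.append(org.jboss.as.test.integration.security.common.Constants.LOGIN_MODULE_STACK, lmStack.getName());
        steps.add(Util.createAddOperation(lmStackAddress));
        for (final SecurityModule config : lmStack.getLoginModules()) {
            final String code = config.getName();
            final ModelNode securityModuleNode = Util.createAddOperation(lmStackAddress.append(LOGIN_MODULE, code));
            // A login module without an explicit flag falls back to REQUIRED.
            final String flag = StringUtils.defaultIfEmpty(config.getFlag(), org.jboss.as.test.integration.security.common.Constants.REQUIRED);
            securityModuleNode.get(ModelDescriptionConstants.CODE).set(code);
            securityModuleNode.get(FLAG).set(flag);
            // The guard matches the level actually used; the original tested isInfoEnabled() before a trace call.
            if (LOGGER.isTraceEnabled()) {
                LOGGER.trace("Adding JASPI login module stack [code=" + code + ", flag=" + flag + "]");
            }
            Map<String, String> configOptions = config.getOptions();
            if (configOptions == null) {
                LOGGER.trace("No module options provided.");
                configOptions = Collections.emptyMap();
            }
            final ModelNode moduleOptionsNode = securityModuleNode.get(MODULE_OPTIONS);
            for (final Map.Entry<String, String> entry : configOptions.entrySet()) {
                final String optionName = entry.getKey();
                moduleOptionsNode.add(optionName, entry.getValue());
                if (LOGGER.isDebugEnabled()) {
                    // Same rule as for auth modules: log the option name, never the value.
                    LOGGER.debug("Adding module option [" + optionName + "]");
                }
            }
            securityModuleNode.get(OPERATION_HEADERS).get(ALLOW_RESOURCE_SERVICE_RESTART).set(true);
            steps.add(securityModuleNode);
        }
    }
    return steps;
}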
Also used : PathAddress(org.jboss.as.controller.PathAddress) ArrayList(java.util.ArrayList) LoginModuleStack(org.jboss.as.test.integration.security.common.config.LoginModuleStack) ModelNode(org.jboss.dmr.ModelNode) Map(java.util.Map) AuthnModule(org.jboss.as.test.integration.security.common.config.AuthnModule) SecurityModule(org.jboss.as.test.integration.security.common.config.SecurityModule)

Example 2 with SecurityModule

use of org.jboss.as.test.integration.security.common.config.SecurityModule in project wildfly by wildfly.

the class AbstractSecurityDomainsServerSetupTask method createSecurityModelNode.

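/**
 * Appends to {@code operations} the add operations for one security component of a security domain: first the
 * component resource itself (with the {@code CLASSIC} value), then one child resource per configured module.
 * Nothing is appended if the securityModules array is empty or null.
 *
 * @param securityComponent name of security component (e.g. {@link org.jboss.as.test.integration.security.common.Constants#AUTHORIZATION})
 * @param subnodeName       name of the security component subnode, which holds module configurations (e.g.
 *                          {@link org.jboss.as.test.integration.security.common.Constants#POLICY_MODULES})
 * @param flagAttributeName name of attribute to which the value of {@link SecurityModule#getFlag()} is set
 * @param flagDefaultValue  value used for flagAttributeName when the module has no flag configured
 * @param securityModules   module configurations; may be {@code null} or empty
 * @param domainName        name of the security domain the operations are addressed to
 * @param operations        node that receives the created add operations
 * @return {@code true} if operations were appended, {@code false} if there was no module configuration
 */
private boolean createSecurityModelNode(String securityComponent, String subnodeName, String flagAttributeName, String flagDefaultValue, final SecurityModule[] securityModules, String domainName, ModelNode operations) {
    if (securityModules == null || securityModules.length == 0) {
        // The guard matches the level actually used; the original tested isInfoEnabled() before a trace call.
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("No security configuration for " + securityComponent + " module.");
        }
        return false;
    }
    PathAddress address = PathAddress.pathAddress().append(SUBSYSTEM, SUBSYSTEM_SECURITY).append(SECURITY_DOMAIN, domainName).append(securityComponent, CLASSIC);
    // The component resource is added before its module children.
    operations.add(Util.createAddOperation(address));
    for (final SecurityModule config : securityModules) {
        final String code = config.getName();
        final ModelNode securityModuleNode = Util.createAddOperation(address.append(subnodeName, code));
        final String flag = StringUtils.defaultIfEmpty(config.getFlag(), flagDefaultValue);
        securityModuleNode.get(ModelDescriptionConstants.CODE).set(code);
        securityModuleNode.get(flagAttributeName).set(flag);
        Map<String, String> configOptions = config.getOptions();
        if (configOptions == null) {
            LOGGER.trace("No module options provided.");
            configOptions = Collections.emptyMap();
        }
        if (LOGGER.isTraceEnabled()) {
            // Module option values can carry credentials (passwords, bind secrets), so only the names are logged.
            LOGGER.trace("Adding " + securityComponent + " module [code=" + code + ", " + flagAttributeName + "=" + flag + ", option names = " + configOptions.keySet() + "]");
        }
        final ModelNode moduleOptionsNode = securityModuleNode.get(MODULE_OPTIONS);
        for (final Map.Entry<String, String> entry : configOptions.entrySet()) {
            moduleOptionsNode.add(entry.getKey(), entry.getValue());
        }
        securityModuleNode.get(OPERATION_HEADERS).get(ALLOW_RESOURCE_SERVICE_RESTART).set(true);
        operations.add(securityModuleNode);
    }
    return true;
}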
Also used : PathAddress(org.jboss.as.controller.PathAddress) ModelNode(org.jboss.dmr.ModelNode) Map(java.util.Map) SecurityModule(org.jboss.as.test.integration.security.common.config.SecurityModule)

Aggregations

Map (java.util.Map)2 PathAddress (org.jboss.as.controller.PathAddress)2 SecurityModule (org.jboss.as.test.integration.security.common.config.SecurityModule)2 ModelNode (org.jboss.dmr.ModelNode)2 ArrayList (java.util.ArrayList)1 AuthnModule (org.jboss.as.test.integration.security.common.config.AuthnModule)1 LoginModuleStack (org.jboss.as.test.integration.security.common.config.LoginModuleStack)1