
Example 1 with JBossJSSESecurityDomain

use of org.jboss.security.JBossJSSESecurityDomain in project wildfly by wildfly.

the class SecurityDomainAdd method createJSSESecurityDomain.

/**
 * Builds a {@link JBossJSSESecurityDomain} from the JSSE part of a security-domain model node.
 *
 * <p>Every setting is copied from the management model onto the domain without further
 * validation in this method. In particular the cipher-suite and protocol strings are handed to
 * the domain unchanged, so any restriction on weak TLS versions or ciphers has to be enforced
 * by the attribute definitions or by whoever writes the configuration.
 *
 * @param context        operation context used to resolve model attributes
 * @param securityDomain name given to the new JSSE security domain
 * @param node           model node that {@code peek(node, JSSE, CLASSIC)} is applied to
 * @return the configured domain, or {@code null} when {@code peek} finds no JSSE node
 * @throws OperationFailedException declared by this method; the visible code does not throw it
 *         directly, so it presumably comes from attribute resolution or the process* helpers
 */
private JSSESecurityDomain createJSSESecurityDomain(OperationContext context, String securityDomain, ModelNode node) throws OperationFailedException {
    node = peek(node, JSSE, CLASSIC);
    if (node == null) {
        // No JSSE configuration present: callers receive null rather than an empty domain.
        return null;
    }
    final JBossJSSESecurityDomain domain = new JBossJSSESecurityDomain(securityDomain);

    // Key store: the adapter forwards each keystore setting to the matching key-store setter.
    // The store password travels as a plain String through this callback.
    processKeyStore(context, node, KEYSTORE, new KeyStoreConfig() {

        public void setKeyStorePassword(String value) throws Exception {
            domain.setKeyStorePassword(value);
        }

        public void setKeyStoreType(String value) {
            domain.setKeyStoreType(value);
        }

        public void setKeyStoreURL(String value) throws IOException {
            domain.setKeyStoreURL(value);
        }

        public void setKeyStoreProvider(String value) {
            domain.setKeyStoreProvider(value);
        }

        public void setKeyStoreProviderArgument(String value) {
            domain.setKeyStoreProviderArgument(value);
        }
    });

    // Trust store: same callback interface, but routed to the trust-store setters.
    processKeyStore(context, node, Constants.TRUSTSTORE, new KeyStoreConfig() {

        public void setKeyStorePassword(String value) throws Exception {
            domain.setTrustStorePassword(value);
        }

        public void setKeyStoreType(String value) {
            domain.setTrustStoreType(value);
        }

        public void setKeyStoreURL(String value) throws IOException {
            domain.setTrustStoreURL(value);
        }

        public void setKeyStoreProvider(String value) {
            domain.setTrustStoreProvider(value);
        }

        public void setKeyStoreProviderArgument(String value) {
            domain.setTrustStoreProviderArgument(value);
        }
    });

    // Key manager factory settings.
    processKeyManager(context, node, Constants.KEY_MANAGER, new KeyManagerConfig() {

        public void setKeyManagerFactoryAlgorithm(String value) {
            domain.setKeyManagerFactoryAlgorithm(value);
        }

        public void setKeyManagerFactoryProvider(String value) {
            domain.setKeyManagerFactoryProvider(value);
        }
    });

    // Trust manager factory settings, again through the key-manager callback interface.
    processKeyManager(context, node, Constants.TRUST_MANAGER, new KeyManagerConfig() {

        public void setKeyManagerFactoryAlgorithm(String value) {
            domain.setTrustManagerFactoryAlgorithm(value);
        }

        public void setKeyManagerFactoryProvider(String value) {
            domain.setTrustManagerFactoryProvider(value);
        }
    });

    // Optional scalar attributes: each is applied only when defined in the model.
    if (node.hasDefined(CLIENT_ALIAS)) {
        final String clientAlias = JSSEResourceDefinition.CLIENT_ALIAS.resolveModelAttribute(context, node).asString();
        domain.setClientAlias(clientAlias);
    }
    if (node.hasDefined(SERVER_ALIAS)) {
        final String serverAlias = JSSEResourceDefinition.SERVER_ALIAS.resolveModelAttribute(context, node).asString();
        domain.setServerAlias(serverAlias);
    }
    if (node.hasDefined(CLIENT_AUTH)) {
        final boolean requireClientAuth = JSSEResourceDefinition.CLIENT_AUTH.resolveModelAttribute(context, node).asBoolean();
        domain.setClientAuth(requireClientAuth);
    }
    if (node.hasDefined(SERVICE_AUTH_TOKEN)) {
        final String authToken = JSSEResourceDefinition.SERVICE_AUTH_TOKEN.resolveModelAttribute(context, node).asString();
        try {
            domain.setServiceAuthToken(authToken);
        } catch (Exception e) {
            // Any failure while storing the token is rethrown as a runtime exception built by the logger.
            throw SecurityLogger.ROOT_LOGGER.runtimeException(e);
        }
    }
    if (node.hasDefined(CIPHER_SUITES)) {
        // Passed through as configured; no allow-list is applied at this point.
        final String cipherSuites = JSSEResourceDefinition.CIPHER_SUITES.resolveModelAttribute(context, node).asString();
        domain.setCipherSuites(cipherSuites);
    }
    if (node.hasDefined(PROTOCOLS)) {
        // Passed through as configured; no minimum protocol version is enforced at this point.
        final String protocols = JSSEResourceDefinition.PROTOCOLS.resolveModelAttribute(context, node).asString();
        domain.setProtocols(protocols);
    }
    if (node.hasDefined(ADDITIONAL_PROPERTIES)) {
        final Properties extraProperties = new Properties();
        extraProperties.putAll(JSSEResourceDefinition.ADDITIONAL_PROPERTIES.unwrap(context, node));
        domain.setAdditionalProperties(extraProperties);
    }
    return domain;
}
Also used : IOException(java.io.IOException) Properties(java.util.Properties) JBossJSSESecurityDomain(org.jboss.security.JBossJSSESecurityDomain) OperationFailedException(org.jboss.as.controller.OperationFailedException) IOException(java.io.IOException)

Example 2 with JBossJSSESecurityDomain

use of org.jboss.security.JBossJSSESecurityDomain in project teiid by teiid.

the class JWTBearerTokenLoginModule method loadKeystore.

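/**
 * Lazily initialises the shared {@code securityDomain} with the given keystore settings.
 *
 * <p>The domain is configured on a local variable and published to the static field only after
 * {@code reloadKeyAndTrustStore()} has succeeded. Assigning the field first would leave a
 * half-configured domain behind when any setter or the reload throws, and every later call
 * would then skip initialisation because the field is no longer {@code null}.
 *
 * <p>Once the field is set, later calls return immediately and their arguments are ignored.
 *
 * @param keystoreURL      location of the keystore, passed to {@code setKeyStoreURL}
 * @param keystorePassword password of the keystore itself
 * @param keystoreType     keystore type; {@code "JKS"} is used when this is {@code null}
 * @param password         value passed to {@code setServiceAuthToken}
 *                         (presumably the private-key password; confirm against the caller)
 * @throws IOException declared by the original signature
 * @throws Exception   if configuring the domain or loading the stores fails
 */
private static void loadKeystore(String keystoreURL, String keystorePassword, String keystoreType, String password) throws Exception, IOException {
    // NOTE(review): the null check and the assignment below are not synchronized;
    // confirm that callers cannot reach this method concurrently.
    if (securityDomain != null) {
        return;
    }
    JBossJSSESecurityDomain domain = new JBossJSSESecurityDomain("JWTBearer");
    domain.setKeyStorePassword(keystorePassword);
    domain.setKeyStoreType(keystoreType == null ? "JKS" : keystoreType);
    domain.setKeyStoreURL(keystoreURL);
    domain.setServiceAuthToken(password);
    domain.reloadKeyAndTrustStore();
    // Publish only a fully loaded domain so a failed attempt can be retried.
    securityDomain = domain;
}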
Also used : JBossJSSESecurityDomain(org.jboss.security.JBossJSSESecurityDomain)

Example 3 with JBossJSSESecurityDomain

use of org.jboss.security.JBossJSSESecurityDomain in project wildfly by wildfly.

the class WebSecurityCERTTestCase method getHttpsClient.

/**
 * Creates an HTTPS client for the test that presents the client certificate stored under
 * {@code alias} in the bundled {@code security/client.keystore}.
 *
 * <p>Test fixture only: the keystore password is the hard-coded {@code "changeit"} and hostname
 * verification is switched off, both on the socket factory and on the client builder, so the
 * server's certificate name is never checked. A client that talks to anything other than the
 * test server needs the default hostname verifier and a password that is not in source.
 *
 * @param alias key alias selecting which client certificate to present
 * @return the configured client, or {@code null} if any step fails (the stack trace is printed)
 */
private static CloseableHttpClient getHttpsClient(String alias) {
    try {
        SSLContext sslContext = SSLContext.getInstance("TLS");

        // Load the client key material from the test resource on the context class loader.
        JBossJSSESecurityDomain domain = new JBossJSSESecurityDomain("client-cert");
        domain.setKeyStorePassword("changeit");
        URL keystoreResource = Thread.currentThread().getContextClassLoader().getResource("security/client.keystore");
        // A missing resource surfaces as a NullPointerException here and ends in the catch below.
        domain.setKeyStoreURL(keystoreResource.getPath());
        domain.setClientAlias(alias);
        domain.reloadKeyAndTrustStore();

        // NOTE(review): no trust store is configured on the domain; what getTrustManagers()
        // returns in that case is not visible here - confirm how the server certificate is trusted.
        sslContext.init(domain.getKeyManagers(), domain.getTrustManagers(), null);

        // Accept-all verifier: every hostname passes, whatever the certificate says.
        HostnameVerifier acceptAnyHost = (string, ssls) -> true;
        SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, acceptAnyHost);

        Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("https", socketFactory)
                .build();
        HttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(schemes);

        HttpClientBuilder builder = HttpClientBuilder.create();
        builder.setSSLSocketFactory(socketFactory);
        // Second place where hostname verification is disabled.
        builder.setSSLHostnameVerifier(new NoopHostnameVerifier());
        builder.setConnectionManager(connectionManager);
        return builder.build();
    } catch (Exception ex) {
        // Failure is reported only on stderr; the caller has to handle the null return.
        ex.printStackTrace();
        return null;
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) RegistryBuilder(org.apache.http.config.RegistryBuilder) Arquillian(org.jboss.arquillian.junit.Arquillian) URL(java.net.URL) ServerSetup(org.jboss.as.arquillian.api.ServerSetup) RunWith(org.junit.runner.RunWith) TrustManager(javax.net.ssl.TrustManager) JBossJSSESecurityDomain(org.jboss.security.JBossJSSESecurityDomain) WebCERTTestsSecurityDomainSetup(org.jboss.as.test.integration.web.security.WebCERTTestsSecurityDomainSetup) StatusLine(org.apache.http.StatusLine) RunAsClient(org.jboss.arquillian.container.test.api.RunAsClient) Registry(org.apache.http.config.Registry) ArquillianResource(org.jboss.arquillian.test.api.ArquillianResource) NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) ShrinkWrap(org.jboss.shrinkwrap.api.ShrinkWrap) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) CommonCriteria(org.jboss.as.test.categories.CommonCriteria) Test(org.junit.Test) HttpClientConnectionManager(org.apache.http.conn.HttpClientConnectionManager) Category(org.junit.experimental.categories.Category) KeyManager(javax.net.ssl.KeyManager) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) HttpGet(org.apache.http.client.methods.HttpGet) Deployment(org.jboss.arquillian.container.test.api.Deployment) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) HttpResponse(org.apache.http.HttpResponse) SecuredServlet(org.jboss.as.test.integration.web.security.SecuredServlet) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) ManagementClient(org.jboss.as.arquillian.container.ManagementClient) Assert.assertEquals(org.junit.Assert.assertEquals) NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) SSLContext(javax.net.ssl.SSLContext) 
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) JBossJSSESecurityDomain(org.jboss.security.JBossJSSESecurityDomain) URL(java.net.URL) TrustManager(javax.net.ssl.TrustManager) NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) HttpClientConnectionManager(org.apache.http.conn.HttpClientConnectionManager) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) KeyManager(javax.net.ssl.KeyManager) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager)
