Example 6 with OnlineManagementClient
use of org.wildfly.extras.creaper.core.online.OnlineManagementClient in project keycloak by keycloak.
the class ConsoleProtectionTest method beforeConsoleProtectionTest.
@Before
public void beforeConsoleProtectionTest() throws IOException, OperationException {
Assume.assumeTrue("This testClass doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser")));
try (OnlineManagementClient clientWorkerNodeClient = AppServerTestEnricher.getManagementClient()) {
Operations operations = new Operations(clientWorkerNodeClient);
Assume.assumeTrue(operations.exists(Address.subsystem("elytron").and("security-domain", "KeycloakDomain")));
// Create a realm for both wildfly console and mgmt interface
clientWorkerNodeClient.execute("/subsystem=keycloak/realm=jboss-infra:add(auth-server-url=" + getAuthServerContextRoot() + "/auth,realm-public-key=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB)");
// Create a secure-deployment in order to protect mgmt interface
clientWorkerNodeClient.execute("/subsystem=keycloak/secure-deployment=wildfly-management:add(realm=jboss-infra,resource=wildfly-management,principal-attribute=preferred_username,bearer-only=true,ssl-required=EXTERNAL)");
// Protect HTTP mgmt interface with Keycloak adapter
clientWorkerNodeClient.execute("/core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm)");
clientWorkerNodeClient.execute("/subsystem=elytron/http-authentication-factory=keycloak-mgmt-http-authentication:add(security-domain=KeycloakDomain,http-server-mechanism-factory=wildfly-management,mechanism-configurations=[{mechanism-name=KEYCLOAK,mechanism-realm-configurations=[{realm-name=KeycloakOIDCRealm,realm-mapper=keycloak-oidc-realm-mapper}]}])");
clientWorkerNodeClient.execute("/core-service=management/management-interface=http-interface:write-attribute(name=http-authentication-factory,value=keycloak-mgmt-http-authentication)");
clientWorkerNodeClient.execute("/core-service=management/management-interface=http-interface:write-attribute(name=http-upgrade, value={enabled=true, sasl-authentication-factory=management-sasl-authentication})");
// Enable RBAC where roles are obtained from the identity
clientWorkerNodeClient.execute("/core-service=management/access=authorization:write-attribute(name=provider,value=rbac)");
clientWorkerNodeClient.execute("/core-service=management/access=authorization:write-attribute(name=use-identity-roles,value=true)");
// Create a secure-server in order to publish the wildfly console configuration via mgmt interface
clientWorkerNodeClient.execute("/subsystem=keycloak/secure-server=wildfly-console:add(realm=jboss-infra,resource=wildfly-console,public-client=true)");
log.debug("Reloading the server");
new Administration(clientWorkerNodeClient).reload();
log.debug("Reloaded");
} catch (CliException | IOException | InterruptedException | TimeoutException cause) {
throw new RuntimeException("Failed to configure app server", cause);
}
DroneUtils.addWebDriver(jsDriver);
log.debug("Added jsDriver");
}
Also used :
Administration(org.wildfly.extras.creaper.core.online.operations.admin.Administration)
CliException(org.wildfly.extras.creaper.core.online.CliException)
OnlineManagementClient(org.wildfly.extras.creaper.core.online.OnlineManagementClient)
IOException(java.io.IOException)
Operations(org.wildfly.extras.creaper.core.online.operations.Operations)
TimeoutException(java.util.concurrent.TimeoutException)
Before(org.junit.Before)
Example 7 with OnlineManagementClient
use of org.wildfly.extras.creaper.core.online.OnlineManagementClient in project keycloak by keycloak.
the class AbstractHostnameTest method executeCli.
private void executeCli(String... commands) throws Exception {
OnlineManagementClient client = AuthServerTestEnricher.getManagementClient();
Administration administration = new Administration(client);
LOGGER.debug("Running CLI commands:");
for (String c : commands) {
LOGGER.debug(c);
client.execute(c).assertSuccess();
}
LOGGER.debug("Done");
administration.reload();
client.close();
}
Also used :
Administration(org.wildfly.extras.creaper.core.online.operations.admin.Administration)
OnlineManagementClient(org.wildfly.extras.creaper.core.online.OnlineManagementClient)
Example 8 with OnlineManagementClient
use of org.wildfly.extras.creaper.core.online.OnlineManagementClient in project keycloak by keycloak.
the class KeycloakContainerEventsController method deployAndDropAllTables.
/**
* Drop all KeycloakDS database tables using liquibase dropAll method.
* @param restartContainer to pass more information from test annotation
*/
private void deployAndDropAllTables(RestartContainer restartContainer) {
for (Container c : containerRegistry.get().getContainers()) {
String containerName = c.getName();
log.infof("Deploy and dropAll at '%s'", containerName);
if (containerName == null || !containerName.startsWith("auth-server")) {
log.infof("Skipping deployAndDropAllTables for '%s'", containerName);
continue;
}
ContainerDef conf = c.getContainerConfiguration();
String mgmtPort = conf.getContainerProperty("managementPort");
if (mgmtPort == null || mgmtPort.isEmpty()) {
log.warnf("Skipping deployAndDropAllTables for '%s' due to not defined 'managementPort' property.", containerName);
continue;
}
OnlineManagementClient client = null;
try {
client = ManagementClient.online(OnlineOptions.standalone().hostAndPort("localhost", Integer.valueOf(mgmtPort).intValue()).build());
} catch (IOException e) {
throw new RuntimeException(e);
}
try {
WebArchive war = ShrinkWrap.create(WebArchive.class, DropAllServlet.WAR_NAME).addClass(DropAllServlet.class).addAsWebInfResource(new StringAsset(DropAllServlet.jbossDeploymentStructureContent), "jboss-deployment-structure.xml");
client.apply(new Deploy.Builder(war.as(ZipExporter.class).exportAsInputStream(), DropAllServlet.WAR_NAME, true).build());
if (restartContainer.intializeDatabaseWait() > 0) {
try {
Thread.sleep(restartContainer.intializeDatabaseWait());
} catch (InterruptedException e) {
log.warn(e);
}
}
client.apply(new Undeploy.Builder(DropAllServlet.WAR_NAME).build());
} catch (CommandFailedException e) {
log.error(e);
throw new RuntimeException(e);
}
}
}
Also used :
RestartContainer(org.keycloak.testsuite.arquillian.annotation.RestartContainer)
Container(org.jboss.arquillian.container.spi.Container)
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
DropAllServlet(org.keycloak.helpers.DropAllServlet)
OnlineManagementClient(org.wildfly.extras.creaper.core.online.OnlineManagementClient)
ContainerDef(org.jboss.arquillian.config.descriptor.api.ContainerDef)
WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive)
IOException(java.io.IOException)
CommandFailedException(org.wildfly.extras.creaper.core.CommandFailedException)
Aggregations
OnlineManagementClient (org.wildfly.extras.creaper.core.online.OnlineManagementClient)8
Administration (org.wildfly.extras.creaper.core.online.operations.admin.Administration)7
IOException (java.io.IOException)2
StartContainer (org.jboss.arquillian.container.spi.event.StartContainer)2
StopContainer (org.jboss.arquillian.container.spi.event.StopContainer)2
Before (org.junit.Before)2
TimeoutException (java.util.concurrent.TimeoutException)1
ContainerDef (org.jboss.arquillian.config.descriptor.api.ContainerDef)1
Container (org.jboss.arquillian.container.spi.Container)1
StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)1
WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)1
DropAllServlet (org.keycloak.helpers.DropAllServlet)1
RestartContainer (org.keycloak.testsuite.arquillian.annotation.RestartContainer)1
CommandFailedException (org.wildfly.extras.creaper.core.CommandFailedException)1
CliException (org.wildfly.extras.creaper.core.online.CliException)1
Operations (org.wildfly.extras.creaper.core.online.operations.Operations)1
