Example 1 with SimpleRealmEntry
use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.
the class RealmDefinitions method getIdentityRealmDefinition.
static ResourceDefinition getIdentityRealmDefinition() {
AbstractAddStepHandler add = new TrivialAddHandler<SecurityRealm>(SecurityRealm.class, IDENTITY_REALM_ATTRIBUTES, SECURITY_REALM_RUNTIME_CAPABILITY) {
@Override
protected ValueSupplier<SecurityRealm> getValueSupplier(ServiceBuilder<SecurityRealm> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
final String identity = IDENTITY.resolveModelAttribute(context, model).asString();
final String attributeName = ATTRIBUTE_NAME.resolveModelAttribute(context, model).asStringOrNull();
final List<String> attributeValues = ATTRIBUTE_VALUES.unwrap(context, model);
return () -> {
final Map<String, ? extends Collection<String>> attributesMap;
if (attributeName != null) {
attributesMap = Collections.singletonMap(attributeName, Collections.unmodifiableList(attributeValues));
} else {
attributesMap = Collections.emptyMap();
}
final Map<String, SimpleRealmEntry> realmMap = Collections.singletonMap(identity, new SimpleRealmEntry(Collections.emptyList(), new MapAttributes(attributesMap)));
SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
securityRealm.setPasswordMap(realmMap);
return securityRealm;
};
}
};
return new TrivialResourceDefinition(ElytronDescriptionConstants.IDENTITY_REALM, add, IDENTITY_REALM_ATTRIBUTES, SECURITY_REALM_RUNTIME_CAPABILITY);
}
Also used :
OperationContext(org.jboss.as.controller.OperationContext)
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
SecurityRealm(org.wildfly.security.auth.server.SecurityRealm)
ServiceBuilder(org.jboss.msc.service.ServiceBuilder)
AbstractAddStepHandler(org.jboss.as.controller.AbstractAddStepHandler)
MapAttributes(org.wildfly.security.authz.MapAttributes)
Collection(java.util.Collection)
ModelNode(org.jboss.dmr.ModelNode)
Map(java.util.Map)
Example 2 with SimpleRealmEntry
use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.
the class JmxFacadeRbacEnabledTestCase method setupDomain.
@BeforeClass
public static void setupDomain() {
Map<String, SimpleRealmEntry> entries = new HashMap<>(StandardRole.values().length);
for (StandardRole role : StandardRole.values()) {
entries.put(roleToUserName(role), new SimpleRealmEntry(Collections.emptyList()));
}
SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
securityRealm.setPasswordMap(entries);
testDomain = SecurityDomain.builder().setDefaultRealmName("Default").addRealm("Default", securityRealm).build().setPermissionMapper((p, r) -> new LoginPermission()).build();
}
Also used :
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
StandardRole(org.jboss.as.controller.access.rbac.StandardRole)
SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
HashMap(java.util.HashMap)
LoginPermission(org.wildfly.security.auth.permission.LoginPermission)
BeforeClass(org.junit.BeforeClass)
Example 3 with SimpleRealmEntry
use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.
the class JmxRbacTestCase method setupDomain.
@BeforeClass
public static void setupDomain() {
Map<String, SimpleRealmEntry> entries = new HashMap<>(StandardRole.values().length);
for (StandardRole role : StandardRole.values()) {
entries.put(roleToUserName(role), new SimpleRealmEntry(Collections.emptyList()));
}
SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
securityRealm.setPasswordMap(entries);
testDomain = SecurityDomain.builder().setDefaultRealmName("Default").addRealm("Default", securityRealm).build().setPermissionMapper((p, r) -> new LoginPermission()).build();
}
Also used :
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
StandardRole(org.jboss.as.controller.access.rbac.StandardRole)
SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
HashMap(java.util.HashMap)
LoginPermission(org.wildfly.security.auth.permission.LoginPermission)
BeforeClass(org.junit.BeforeClass)
Example 4 with SimpleRealmEntry
use of org.wildfly.security.auth.realm.SimpleRealmEntry in project quarkus by quarkusio.
the class ElytronPropertiesFileRecorder method loadRealm.
/**
* Load the embedded user and role information into the {@linkplain SecurityRealm}
*
* @param realm - a {@linkplain SimpleMapBackedSecurityRealm}
* @param config - the realm config
* @throws Exception
*/
public Runnable loadRealm(RuntimeValue<SecurityRealm> realm, MPRealmConfig config, MPRealmRuntimeConfig runtimeConfig) throws Exception {
return new Runnable() {
@Override
public void run() {
log.debugf("loadRealm, config=%s", config);
SecurityRealm secRealm = realm.getValue();
if (!(secRealm instanceof SimpleMapBackedSecurityRealm)) {
return;
}
SimpleMapBackedSecurityRealm memRealm = (SimpleMapBackedSecurityRealm) secRealm;
HashMap<String, SimpleRealmEntry> identityMap = new HashMap<>();
Map<String, String> userInfo = runtimeConfig.users;
log.debugf("UserInfoMap: %s%n", userInfo);
Map<String, String> roleInfo = runtimeConfig.roles;
log.debugf("RoleInfoMap: %s%n", roleInfo);
for (Map.Entry<String, String> userPasswordEntry : userInfo.entrySet()) {
Password password;
String user = userPasswordEntry.getKey();
if (runtimeConfig.plainText) {
password = ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, userPasswordEntry.getValue().toCharArray());
} else {
try {
byte[] hashed = ByteIterator.ofBytes(userPasswordEntry.getValue().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain();
password = PasswordFactory.getInstance(runtimeConfig.algorithm.getName(), new WildFlyElytronPasswordProvider()).generatePassword(new DigestPasswordSpec(user, config.realmName, hashed));
} catch (Exception e) {
throw new RuntimeException("Unable to register password for user:" + user + " make sure it is a valid hex encoded MD5 hash", e);
}
}
PasswordCredential passwordCred = new PasswordCredential(password);
List<Credential> credentials = new ArrayList<>();
credentials.add(passwordCred);
String rawRoles = roleInfo.get(user);
String[] roles = rawRoles != null ? rawRoles.split(",") : new String[0];
Attributes attributes = new MapAttributes();
for (String role : roles) {
attributes.addLast("groups", role);
}
SimpleRealmEntry entry = new SimpleRealmEntry(credentials, attributes);
identityMap.put(user, entry);
log.debugf("Added user(%s), roles=%s%n", user, attributes.get("groups"));
}
memRealm.setIdentityMap(identityMap);
}
};
}
Also used :
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
PasswordCredential(org.wildfly.security.credential.PasswordCredential)
Credential(org.wildfly.security.credential.Credential)
SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
HashMap(java.util.HashMap)
SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)
SecurityRealm(org.wildfly.security.auth.server.SecurityRealm)
LegacyPropertiesSecurityRealm(org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm)
PasswordCredential(org.wildfly.security.credential.PasswordCredential)
ArrayList(java.util.ArrayList)
MapAttributes(org.wildfly.security.authz.MapAttributes)
Attributes(org.wildfly.security.authz.Attributes)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
WildFlyElytronPasswordProvider(org.wildfly.security.password.WildFlyElytronPasswordProvider)
MapAttributes(org.wildfly.security.authz.MapAttributes)
HashMap(java.util.HashMap)
Map(java.util.Map)
Password(org.wildfly.security.password.Password)
ClearPassword(org.wildfly.security.password.interfaces.ClearPassword)
DigestPasswordSpec(org.wildfly.security.password.spec.DigestPasswordSpec)
Example 5 with SimpleRealmEntry
use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-elytron by wildfly-security.
the class IdentityPropagationTest method addUser.
private static void addUser(Map<String, SimpleRealmEntry> securityRealm, String userName, String roles) {
MapAttributes attributes = new MapAttributes();
attributes.addAll(RoleDecoder.KEY_ROLES, Collections.singletonList(roles));
securityRealm.put(userName, new SimpleRealmEntry(Collections.emptyList(), attributes));
}
Also used :
MapAttributes(org.wildfly.security.authz.MapAttributes)
SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
Aggregations
SimpleRealmEntry (org.wildfly.security.auth.realm.SimpleRealmEntry)14
SimpleMapBackedSecurityRealm (org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm)9
HashMap (java.util.HashMap)8
MapAttributes (org.wildfly.security.authz.MapAttributes)7
PasswordCredential (org.wildfly.security.credential.PasswordCredential)7
LoginPermission (org.wildfly.security.auth.permission.LoginPermission)5
Credential (org.wildfly.security.credential.Credential)5
Map (java.util.Map)4
BeforeClass (org.junit.BeforeClass)4
ClearPassword (org.wildfly.security.password.interfaces.ClearPassword)4
ClearPasswordSpec (org.wildfly.security.password.spec.ClearPasswordSpec)4
IOException (java.io.IOException)3
SecurityRealm (org.wildfly.security.auth.server.SecurityRealm)3
Attributes (org.wildfly.security.authz.Attributes)3
Password (org.wildfly.security.password.Password)3
ArrayList (java.util.ArrayList)2
Collections (java.util.Collections)2
StandardRole (org.jboss.as.controller.access.rbac.StandardRole)2
LegacyPropertiesSecurityRealm (org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm)2
RealmIdentity (org.wildfly.security.auth.server.RealmIdentity)2
