
Example 1 with SimpleRealmEntry

Use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.

The class RealmDefinitions, method getIdentityRealmDefinition.

static ResourceDefinition getIdentityRealmDefinition() {
    AbstractAddStepHandler add = new TrivialAddHandler<SecurityRealm>(SecurityRealm.class, IDENTITY_REALM_ATTRIBUTES, SECURITY_REALM_RUNTIME_CAPABILITY) {

        @Override
        protected ValueSupplier<SecurityRealm> getValueSupplier(ServiceBuilder<SecurityRealm> serviceBuilder, OperationContext context, ModelNode model) throws OperationFailedException {
            final String identity = IDENTITY.resolveModelAttribute(context, model).asString();
            final String attributeName = ATTRIBUTE_NAME.resolveModelAttribute(context, model).asStringOrNull();
            final List<String> attributeValues = ATTRIBUTE_VALUES.unwrap(context, model);
            return () -> {
                final Map<String, ? extends Collection<String>> attributesMap;
                if (attributeName != null) {
                    attributesMap = Collections.singletonMap(attributeName, Collections.unmodifiableList(attributeValues));
                } else {
                    attributesMap = Collections.emptyMap();
                }
                final Map<String, SimpleRealmEntry> realmMap = Collections.singletonMap(identity, new SimpleRealmEntry(Collections.emptyList(), new MapAttributes(attributesMap)));
                SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
                securityRealm.setPasswordMap(realmMap);
                return securityRealm;
            };
        }
    };
    return new TrivialResourceDefinition(ElytronDescriptionConstants.IDENTITY_REALM, add, IDENTITY_REALM_ATTRIBUTES, SECURITY_REALM_RUNTIME_CAPABILITY);
}
Also used : OperationContext(org.jboss.as.controller.OperationContext) SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm) SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry) SecurityRealm(org.wildfly.security.auth.server.SecurityRealm) ServiceBuilder(org.jboss.msc.service.ServiceBuilder) AbstractAddStepHandler(org.jboss.as.controller.AbstractAddStepHandler) MapAttributes(org.wildfly.security.authz.MapAttributes) Collection(java.util.Collection) ModelNode(org.jboss.dmr.ModelNode) Map(java.util.Map)

Example 2 with SimpleRealmEntry

Use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.

The class JmxFacadeRbacEnabledTestCase, method setupDomain.

@BeforeClass
public static void setupDomain() {
    Map<String, SimpleRealmEntry> entries = new HashMap<>(StandardRole.values().length);
    for (StandardRole role : StandardRole.values()) {
        entries.put(roleToUserName(role), new SimpleRealmEntry(Collections.emptyList()));
    }
    SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
    securityRealm.setPasswordMap(entries);
    testDomain = SecurityDomain.builder().setDefaultRealmName("Default").addRealm("Default", securityRealm).build().setPermissionMapper((p, r) -> new LoginPermission()).build();
}
Also used : SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm) StandardRole(org.jboss.as.controller.access.rbac.StandardRole) SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry) HashMap(java.util.HashMap) LoginPermission(org.wildfly.security.auth.permission.LoginPermission) BeforeClass(org.junit.BeforeClass)

Example 3 with SimpleRealmEntry

Use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-core by wildfly.

The class JmxRbacTestCase, method setupDomain.

@BeforeClass
public static void setupDomain() {
    Map<String, SimpleRealmEntry> entries = new HashMap<>(StandardRole.values().length);
    for (StandardRole role : StandardRole.values()) {
        entries.put(roleToUserName(role), new SimpleRealmEntry(Collections.emptyList()));
    }
    SimpleMapBackedSecurityRealm securityRealm = new SimpleMapBackedSecurityRealm();
    securityRealm.setPasswordMap(entries);
    testDomain = SecurityDomain.builder().setDefaultRealmName("Default").addRealm("Default", securityRealm).build().setPermissionMapper((p, r) -> new LoginPermission()).build();
}
Also used : SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm) StandardRole(org.jboss.as.controller.access.rbac.StandardRole) SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry) HashMap(java.util.HashMap) LoginPermission(org.wildfly.security.auth.permission.LoginPermission) BeforeClass(org.junit.BeforeClass)

Example 4 with SimpleRealmEntry

Use of org.wildfly.security.auth.realm.SimpleRealmEntry in project quarkus by quarkusio.

The class ElytronPropertiesFileRecorder, method loadRealm.

/**
 * Load the embedded user and role information into the {@linkplain SecurityRealm}
 *
 * @param realm - a {@linkplain SimpleMapBackedSecurityRealm}
 * @param config - the realm config
 * @throws Exception
 */
public Runnable loadRealm(RuntimeValue<SecurityRealm> realm, MPRealmConfig config, MPRealmRuntimeConfig runtimeConfig) throws Exception {
    return new Runnable() {

        @Override
        public void run() {
            log.debugf("loadRealm, config=%s", config);
            SecurityRealm secRealm = realm.getValue();
            if (!(secRealm instanceof SimpleMapBackedSecurityRealm)) {
                return;
            }
            SimpleMapBackedSecurityRealm memRealm = (SimpleMapBackedSecurityRealm) secRealm;
            HashMap<String, SimpleRealmEntry> identityMap = new HashMap<>();
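            // runtimeConfig.users maps user name to password (clear text or hex-encoded digest),
            // so the debug statement below writes those values to the log.
            Map<String, String> userInfo = runtimeConfig.users;
            log.debugf("UserInfoMap: %s%n", userInfo);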
            Map<String, String> roleInfo = runtimeConfig.roles;
            log.debugf("RoleInfoMap: %s%n", roleInfo);
            for (Map.Entry<String, String> userPasswordEntry : userInfo.entrySet()) {
                Password password;
                String user = userPasswordEntry.getKey();
                if (runtimeConfig.plainText) {
                    password = ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, userPasswordEntry.getValue().toCharArray());
                } else {
                    try {
                        byte[] hashed = ByteIterator.ofBytes(userPasswordEntry.getValue().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain();
                        password = PasswordFactory.getInstance(runtimeConfig.algorithm.getName(), new WildFlyElytronPasswordProvider()).generatePassword(new DigestPasswordSpec(user, config.realmName, hashed));
                    } catch (Exception e) {
                        throw new RuntimeException("Unable to register password for user:" + user + " make sure it is a valid hex encoded MD5 hash", e);
                    }
                }
                PasswordCredential passwordCred = new PasswordCredential(password);
                List<Credential> credentials = new ArrayList<>();
                credentials.add(passwordCred);
                String rawRoles = roleInfo.get(user);
                String[] roles = rawRoles != null ? rawRoles.split(",") : new String[0];
                Attributes attributes = new MapAttributes();
                for (String role : roles) {
                    attributes.addLast("groups", role);
                }
                SimpleRealmEntry entry = new SimpleRealmEntry(credentials, attributes);
                identityMap.put(user, entry);
                log.debugf("Added user(%s), roles=%s%n", user, attributes.get("groups"));
            }
            memRealm.setIdentityMap(identityMap);
        }
    };
}
Also used : SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm) PasswordCredential(org.wildfly.security.credential.PasswordCredential) Credential(org.wildfly.security.credential.Credential) SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry) HashMap(java.util.HashMap) SecurityRealm(org.wildfly.security.auth.server.SecurityRealm) LegacyPropertiesSecurityRealm(org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm) ArrayList(java.util.ArrayList) MapAttributes(org.wildfly.security.authz.MapAttributes) Attributes(org.wildfly.security.authz.Attributes) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) WildFlyElytronPasswordProvider(org.wildfly.security.password.WildFlyElytronPasswordProvider) Map(java.util.Map) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) DigestPasswordSpec(org.wildfly.security.password.spec.DigestPasswordSpec)

Example 5 with SimpleRealmEntry

Use of org.wildfly.security.auth.realm.SimpleRealmEntry in project wildfly-elytron by wildfly-security.

The class IdentityPropagationTest, method addUser.

private static void addUser(Map<String, SimpleRealmEntry> securityRealm, String userName, String roles) {
    MapAttributes attributes = new MapAttributes();
    attributes.addAll(RoleDecoder.KEY_ROLES, Collections.singletonList(roles));
    securityRealm.put(userName, new SimpleRealmEntry(Collections.emptyList(), attributes));
}
Also used : MapAttributes(org.wildfly.security.authz.MapAttributes) SimpleRealmEntry(org.wildfly.security.auth.realm.SimpleRealmEntry)
