.classpath
| 8
modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsComponent.java
| 867 +++++
modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsDiscoveryComponent.java
| 188 +
modules/plugins/jboss-as-7/src/main/resources/META-INF/rhq-plugin.xml
| 1503 +++++-----
modules/plugins/jboss-as-7/src/test/java/org/rhq/modules/plugins/jbossas7/SecurityModuleOptionsTest.java
| 319 ++
5 files changed, 2203 insertions(+), 682 deletions(-)
New commits:
commit 2918e9c7df1d792b2b91f2e412ef7d2187cd55d4
Author: Simeon Pinder <spinder(a)redhat.com>
Date: Tue Jun 5 16:55:29 2012 -0400
[BZ 826542] Adding support for security-domain child nodes
(authentication=classic,authentication=jaspi,audit=classic,audit=classic,acl=classic,authorization=classic,identity-trust=classic,mapping=classic].
-Explicitly allows the creation of and update of N ModuleOptionType instances and support
of N module options for each type instance.
diff --git a/.classpath b/.classpath
index fd400dc..76e080c 100644
--- a/.classpath
+++ b/.classpath
@@ -153,7 +153,7 @@
<classpathentry kind="src"
path="modules/helpers/pluginAnnotations/src/main/java"/>
<classpathentry kind="src"
path="modules/helpers/pluginGen/src/main/java"/>
<classpathentry kind="src"
path="modules/helpers/perftest-support/src/main/java"/>
- <classpathentry kind="src"
path="modules/helpers/rtfilter/src/main/java"/>
+ <classpathentry kind="src"
path="modules/helpers/rtfilter/src/main/java"/>
<classpathentry kind="src"
path="modules/core/plugin-container-itest/src/test/java"/>
<classpathentry kind="src"
path="modules/core/plugin-test-util/src/main/java"/>
<classpathentry kind="src"
path="modules/core/arquillian-integration/container/src/test/java"/>
@@ -241,7 +241,7 @@
<classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/jbossws/jbossws-native-core/3.1.1.GA/jbossws-native-core-3.1.1.GA.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/apache/maven/maven-project/2.0.8/maven-project-2.0.8.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/apache/maven/maven-plugin-api/2.0.8/maven-plugin-api-2.0.8.jar"/>
- <classpathentry exported="true" kind="var"
path="M2_REPO/org/codehaus/swizzle/swizzle-confluence/1.6.1/swizzle-confluence-1.6.1.jar"/>
+ <classpathentry exported="true" kind="var"
path="M2_REPO/org/codehaus/swizzle/1.6.1/swizzle-confluence-1.6.1.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/jvnet/inflector/0.7.0/inflector-0.7.0.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/net/augeas/augeas/0.0.2/augeas-0.0.2.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/json/json/20080701/json-20080701.jar"/>
@@ -308,7 +308,7 @@
<classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/arquillian/container/arquillian-container-spi/1.0.0.Final/arquillian-container-spi-1.0.0.Final.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/arquillian/container/arquillian-container-test-api/1.0.0.Final/arquillian-container-test-api-1.0.0.Final.jar"/>
<classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/arquillian/testng/arquillian-testng-core/1.0.0.Final/arquillian-testng-core-1.0.0.Final.jar"/>
- <classpathentry exported="true" kind="var"
path="M2_REPO/com/wordnik/swagger-annotations_2.9.1/1.1-SNAPSHOT/swagger-annotations_2.9.1-1.1-20120531.064118-1.jar"/>
- <classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/byteman/byteman/1.2.1/byteman-1.2.1.jar"/>
+ <classpathentry exported="true" kind="var"
path="M2_REPO/com/wordnik/swagger-annotations_2.9.1/1.1-SNAPSHOT/swagger-annotations_2.9.1-1.1-20120531.064118-1.jar"/>
+ <classpathentry exported="true" kind="var"
path="M2_REPO/org/jboss/byteman/byteman/1.2.1/byteman-1.2.1.jar"/>
<classpathentry kind="output" path="eclipse-classes"/>
</classpath>
diff --git
a/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsComponent.java
b/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsComponent.java
new file mode 100644
index 0000000..d486542
--- /dev/null
+++
b/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsComponent.java
@@ -0,0 +1,867 @@
+package org.rhq.modules.plugins.jbossas7;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.codehaus.jackson.annotate.JsonProperty;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+import org.codehaus.jackson.map.annotate.JsonSerialize.Inclusion;
+
+import org.rhq.core.domain.configuration.Configuration;
+import org.rhq.core.domain.configuration.ConfigurationUpdateStatus;
+import org.rhq.core.domain.configuration.PropertyMap;
+import org.rhq.core.domain.configuration.PropertySimple;
+import org.rhq.core.domain.configuration.definition.ConfigurationDefinition;
+import org.rhq.core.domain.resource.CreateResourceStatus;
+import org.rhq.core.domain.resource.ResourceType;
+import org.rhq.core.pluginapi.configuration.ConfigurationFacet;
+import org.rhq.core.pluginapi.configuration.ConfigurationUpdateReport;
+import org.rhq.core.pluginapi.inventory.CreateChildResourceFacet;
+import org.rhq.core.pluginapi.inventory.CreateResourceReport;
+import org.rhq.core.pluginapi.inventory.DeleteResourceFacet;
+import org.rhq.modules.plugins.jbossas7.json.Address;
+import org.rhq.modules.plugins.jbossas7.json.Operation;
+import org.rhq.modules.plugins.jbossas7.json.ReadAttribute;
+import org.rhq.modules.plugins.jbossas7.json.ReadChildrenNames;
+import org.rhq.modules.plugins.jbossas7.json.Result;
+import org.rhq.modules.plugins.jbossas7.json.WriteAttribute;
+
+/**
+ * Component class for Module Options. Necessary because Module Options are child
+ * attributes of another as7 node attribute and cannot be created/updated without
+ * rewriting the parent attribute as well. The following as7 node snippets shows how
the
+ * 'login-modules' attribute contains both simple and complex child attributes.
The complex
+ * 'module-options' child attribute values can be numerous and can/may need to be
modifiable
+ * independently.
+ * Read:
+ * [standalone@localhost:9999 authentication=classic]
:read-attribute(name=login-modules)
+ {
+ "outcome" => "success",
+ "result" => [{
+ "code" => "Ldap",
+ "flag" => "requisite",
+ "module-options" =>
[("bindDn"=>"uid=ldapUser,ou=People,dc=redat,dc=com")]
+ }]
+ }
+ * Write back:
+ [standalone@localhost:9999 authentication=classic]
+ :write-attribute(name=login-modules,
+
value=[{"code"=>"Ldap","flag"=>"required",
+
"module-options"=>[("bindDn"=>"uid=ldapSecureUser,ou=People,dc=redat,dc=com")]}])
+ {
+ "outcome" => "success",
+ "response-headers" => {
+ "operation-requires-reload" => true,
+ "process-state" => "reload-required"
+ }
+ }
+ *
+ * @author Simeon Pinder
+ */
+public class ModuleOptionsComponent extends BaseComponent implements ConfigurationFacet,
DeleteResourceFacet,
+ CreateChildResourceFacet {
+
+ //shared identifier for module-options attribute reused by all nodes with Module
Options
+ private static String moduleOptionsNode = ",module-options";
+
+ //Module Option type attribute identifiers
+ private static String loginModules = "login-modules";//Authentication
(Classic,-Managed Server,-Profile)
+ private static String aclModules = "acl-modules";//Acl
+ private static String providerModules = "provider-modules";//Audit
+ private static String policyModules = "policy-modules";//Authorization
+ private static String trustModules = "trust-modules";//IdentityTrust
+ private static String mappingModules = "mapping-modules";//Mapping
+ private static String authModules = "auth-modules";//Authentication
(Jaspi,-Managed Server,-Profile)
+
+ //Enumerates list of AS7 types that support module options.
+ public enum ModuleOptionType {
+ Acl(aclModules), Audit(providerModules), Authentication(loginModules),
AuthenticationJaspi(authModules), Authorization(
+ policyModules), IdentityTrust(
+ trustModules), Mapping(mappingModules);
+ private String attribute = "";
+
+ //stores mapping of as7 attribute name to module option type mapping Ex.
login-modules -> Authentication Module Option Type.
+ public static HashMap<String, ModuleOptionType> typeMap = new
HashMap<String, ModuleOptionType>();
+ static {//populate all module option type mappings
+ for (ModuleOptionType type : ModuleOptionType.values()) {
+ typeMap.put(type.getAttribute(), type);
+ }
+ }
+ //Stores mapping of as7 attribute name to more user friendly Module option type
+ public static Map<String, String> readableNameMap = new HashMap<String,
String>();
+ static {
+ readableNameMap.put(aclModules, "ACL Modules");
+ readableNameMap.put(providerModules, "Provider Modules");
+ readableNameMap.put(loginModules, "Login
Modules");//Authentication=classic
+ readableNameMap.put(authModules, "Auth
Modules");//Authentication=jaspi
+ readableNameMap.put(policyModules, "Policy Modules");
+ readableNameMap.put(trustModules, "Trust Modules");
+ readableNameMap.put(mappingModules, "Mapping Modules");
+ }
+
+ public String getAttribute() {
+ return attribute;
+ }
+
+ private ModuleOptionType(String attribute) {
+ this.attribute = attribute;
+ }
+ }
+
+ //Strings unique to nodes
+ private static String AUTH_CLASSIC_NODE = "Authentication (Classic";
+ private static String AUTH_JASPI_NODE = "Authentication (Jaspi";
+ private static String ACL_NODE = "ACL";
+ private static String AUDIT_NODE = "Audit";
+ private static String AUTHORIZATION_NODE = "Authorization";
+ private static String TRUST_NODE = "Identity Trust";
+ private static String MAPPING_NODE = "Mapping";
+ private static String[] supportedModuleOptionTypeNodes = { AUTH_CLASSIC_NODE,
AUTH_JASPI_NODE, ACL_NODE,
+ AUDIT_NODE, AUTHORIZATION_NODE, TRUST_NODE, MAPPING_NODE };
+
+ //define operation/type mappings where specific plugin descriptor nodes map to
specific
+ // as7 node names.
+ public static HashMap<String, String> attributeMap = new HashMap<String,
String>();
+ static {
+ attributeMap.put(AUTH_CLASSIC_NODE + ")", loginModules);
+ attributeMap.put(AUTH_CLASSIC_NODE + " - Managed Server)",
loginModules);
+ attributeMap.put(AUTH_CLASSIC_NODE + " - Profile)", loginModules);
+ attributeMap.put(AUTH_JASPI_NODE + ")", authModules);
+ attributeMap.put(AUTH_JASPI_NODE + " - Managed Server)", authModules);
+ attributeMap.put(AUTH_JASPI_NODE + " - Profile)", authModules);
+ attributeMap.put(ACL_NODE, aclModules);
+ attributeMap.put(ACL_NODE + " (Managed Server)", aclModules);
+ attributeMap.put(ACL_NODE + " (Profile)", aclModules);
+ attributeMap.put(AUDIT_NODE, providerModules);
+ attributeMap.put(AUDIT_NODE + " (Managed Server)", providerModules);
+ attributeMap.put(AUDIT_NODE + " (Profile)", providerModules);
+ attributeMap.put(AUTHORIZATION_NODE, policyModules);
+ attributeMap.put(AUTHORIZATION_NODE + " (Managed Server)",
policyModules);
+ attributeMap.put(AUTHORIZATION_NODE + " (Profile)", policyModules);
+ attributeMap.put(TRUST_NODE, trustModules);
+ attributeMap.put(TRUST_NODE + " (Managed Server)", trustModules);
+ attributeMap.put(TRUST_NODE + " (Profile)", trustModules);
+ attributeMap.put(MAPPING_NODE, mappingModules);
+ attributeMap.put(MAPPING_NODE + " (Managed Server)", mappingModules);
+ attributeMap.put(MAPPING_NODE + " (Profile)", mappingModules);
+ }
+
+ public static HashMap<String, String> newChildTypeMap = new HashMap<String,
String>();
+ static {
+ newChildTypeMap.put(loginModules, "authentication=classic");
+ newChildTypeMap.put(authModules, "authentication=jaspi");
+ newChildTypeMap.put(aclModules, "acl=classic");
+ newChildTypeMap.put(providerModules, "audit=classic");
+ newChildTypeMap.put(policyModules, "authorization=classic");
+ newChildTypeMap.put(trustModules, "identity-trust=classic");
+ newChildTypeMap.put(mappingModules, "mapping=classic");
+ }
+
+ @Override
+ public CreateResourceReport createResource(CreateResourceReport report) {
+
+ if (report.getPackageDetails() != null) { // Content deployment
+ return deployContent(report);
+ } else {
+ ASConnection connection = getASConnection();
+
+ // Check for the Highlander principle
+ boolean isSingleton = report.getResourceType().isSingleton();
+ if (isSingleton) {
+ // check if there is already a child with the desired type is present
+ Configuration pluginConfig = report.getPluginConfiguration();
+ PropertySimple pathProperty = pluginConfig.getSimple("path");
+ if (path == null || path.isEmpty()) {
+ report.setErrorMessage("No path property found in plugin
configuration");
+ report.setStatus(CreateResourceStatus.INVALID_CONFIGURATION);
+ return report;
+ }
+
+ ReadChildrenNames op = new ReadChildrenNames(address,
pathProperty.getStringValue());
+ Result res = connection.execute(op);
+ if (res.isSuccess()) {
+ List<String> entries = (List<String>) res.getResult();
+ if (!entries.isEmpty()) {
+ report.setErrorMessage("Resource is a singleton, but there
are already children " + entries
+ + " please remove them and retry");
+ report.setStatus(CreateResourceStatus.FAILURE);
+ return report;
+ }
+ }
+ }
+
+ //determine type then attribute
+ ResourceType resourceType = report.getResourceType();
+ String attribute = attributeMap.get(resourceType.getName());
+ //determine new child name from attribute
+ String newChild = newChildTypeMap.get(attribute);
+
+ //get resourceConfig
+ Configuration configuration = report.getResourceConfiguration();
+
+ if(attribute!=null){//create executed from SecurityDomain level
+
+ //retrieve the values passed in via config
+ Value loaded = loadCodeFlagType(configuration, attribute, null);
+
+ //populate the ModuleOptionType from the Configuration
+ List<Value> newAttributeState = new ArrayList<Value>();
+ newAttributeState.add(loaded);
+
+ //build the operation
+ //update the address to point to the new child being created
+ Address newChildLocation = new Address(path + "," + newChild);
+ Operation op = createAddModuleOptionTypeOperation(newChildLocation,
attribute, newAttributeState);
+
+ Result result = connection.execute(op);
+ if (result.isSuccess()) {
+ report.setStatus(CreateResourceStatus.SUCCESS);
+ report.setResourceKey(newChildLocation.getPath());
+ report.setResourceName(report.getResourceType().getName());
+ } else {
+ report.setStatus(CreateResourceStatus.FAILURE);
+ report.setErrorMessage(result.getFailureDescription());
+ }
+ }else{//Create executed from the 'Login Modules/Provider Modules/etc.
level.
+ //retrieve the parent type to lookup attribute to write to
+ ResourceType parentType = (ResourceType)
resourceType.getParentResourceTypes().toArray()[0];
+ attribute = attributeMap.get(parentType.getName());
+
+ //retrieve existing attribute definition
+ //get the current attribute value
+ ReadAttribute op = new ReadAttribute(address, attribute);
+ Result result = getASConnection().execute(op);
+ if (result.isSuccess()) {
+ //populate attribute values
+ List<Value> currentAttributeState = new
ArrayList<Value>();
+ currentAttributeState =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+ //populate new Module type data
+ //retrieve the values passed in via config
+ Value loaded = loadCodeFlagType(configuration, attribute, null);
+
+ //append new type information
+ currentAttributeState.add(loaded);
+ //write values back out.
+ Operation write = new WriteAttribute(address);
+ write.addAdditionalProperty("name", attribute);//attribute
to execute on
+
+ //now complete the write operation by updating the value
+ write.addAdditionalProperty("value", (Object)
currentAttributeState);
+ result = connection.execute(write);
+ if (result.isSuccess()) {
+ report.setStatus(CreateResourceStatus.SUCCESS);
+ //Ex.
subsystem=security,security-domain=createOne,authentication=classic,login-modules:0
+ report.setResourceKey(path + "," + attribute +
":" + (currentAttributeState.size() - 1));
+ //Ex. Login Modules 0
+
report.setResourceName(ModuleOptionType.readableNameMap.get(attribute) + " "
+ + (currentAttributeState.size() - 1));
+ } else {
+ report.setStatus(CreateResourceStatus.FAILURE);
+ report.setErrorMessage(result.getFailureDescription());
+ }
+ }
+ }
+ return report;
+ }
+ }
+
+ @Override
+ public Configuration loadResourceConfiguration() throws Exception {
+ Configuration configuration = new Configuration();
+
+ //determine the component
+ ResourceType resourceType = context.getResourceType();
+ Set<ResourceType> nodeParentTypes =
context.getResourceType().getParentResourceTypes();
+ ResourceType parentType = (ResourceType) nodeParentTypes.toArray()[0];
+ ResourceType grandParentType = (ResourceType)
parentType.getParentResourceTypes().toArray()[0];
+
+ //For each Module Option type, like Authentication (Classic) and the immediate
+ // child node of each, the configuration is shared as it is in the AS7 node as
well.
+ if (isSupportedModuleOptionTypeOrImmediateChildOf(parentType, resourceType))
{//Classic, Managed, Profile
+ boolean currentNodeIsModuleType = false;
+ //if the current resourceType is included in the attributeMap then it is an
actual Module Option Type.
+ if (ModuleOptionsComponent.attributeMap.get(resourceType.getName()) != null)
{
+ currentNodeIsModuleType = true;
+ }
+ //get type and lookup supported node and type
+ //retrieve the parent resource
+ String attribute =
ModuleOptionsComponent.attributeMap.get(parentType.getName());
+ if (currentNodeIsModuleType) {//if is an actual Module Option Type then
update attribute retrieved.
+ attribute =
ModuleOptionsComponent.attributeMap.get(resourceType.getName());
+ }
+
+ //get the current attribute value
+ ReadAttribute op = new ReadAttribute(address, attribute);
+ Result result = getASConnection().execute(op);
+ if (result.isSuccess()) {
+ //populate attribute values
+ List<Value> currentAttributeState = new ArrayList<Value>();
+ currentAttributeState =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+ if (currentNodeIsModuleType) {//grab first available module type
+ Value loaded = currentAttributeState.get(0);
+ //populate configuration
+ populateCodeFlagType(configuration, attribute, loaded);
+ } else {//Need to locate specific module type
+ //locate specific node and populate the config
+ //Ex."login-modules:";
+ String moduleTypeIdentifier = attribute + ":";
+ int index = path.indexOf(moduleTypeIdentifier);
+ String loginModuleIndex = path.substring(index +
moduleTypeIdentifier.length());
+ int lmi = Integer.valueOf(loginModuleIndex);//Ex 0,1,30
+ if (currentAttributeState.size() > lmi) {//then retrieve.
+ Value loaded = currentAttributeState.get(lmi);
+ //populate configuration
+ populateCodeFlagType(configuration, attribute, loaded);
+ }
+ }
+ }
+ //read attribute
+ return configuration;
+ }
+ //Module Options child, Ex. 'Login Modules (Classic', ..-Managed, .. -
Profile
+ else if (supportsLoginModuleOptionType(grandParentType)) {
+ //get type and lookup supported node and type
+ String attribute =
ModuleOptionsComponent.attributeMap.get(grandParentType.getName());
+
+ //get the current attribute value
+ ReadAttribute op = new ReadAttribute(address, attribute);
+ Result result = getASConnection().execute(op);
+ if (result.isSuccess()) {
+ //populate attribute values
+ List<Value> currentAttributeState = new ArrayList<Value>();
+ currentAttributeState =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+
+ //locate specific node and populate the config
+ //Ex."login-modules:";
+ String moduleTypeIdentifier = attribute + ":";
+ int index = path.indexOf(moduleTypeIdentifier);
+ String loginModuleIndex = path.substring(index +
moduleTypeIdentifier.length());
+ String[] split = loginModuleIndex.split(",");
+ int lmi = Integer.valueOf(split[0]);//Ex 0,1,30
+ if (lmi < currentAttributeState.size()) {//then proceed
+ Value loaded = currentAttributeState.get(lmi);
+ //populate configuration: module-options
+ LinkedHashMap<String, Object> currentModuleOptions =
loaded.getOptions();
+
+ //This must match exactly the mapping identifier from descriptor,
otherwise loadResource fails silently.
+ String id = "Module Options";
+ PropertyMap map = new PropertyMap(id);
+ for (String key : currentModuleOptions.keySet()) {
+ PropertySimple option = new PropertySimple(key,
currentModuleOptions.get(key));
+ map.put(option);
+ }
+ if (!currentModuleOptions.isEmpty()) {//check that keyset is non
empty before adding to config.
+ configuration.put(map);
+ }
+ }
+ }
+ return configuration;
+ } else {//otherwise default subsystem discovery behavior.
+ ConfigurationDefinition configDef =
context.getResourceType().getResourceConfigurationDefinition();
+ ConfigurationLoadDelegate delegate = new ConfigurationLoadDelegate(configDef,
getASConnection(), address,
+ includeRuntime);
+ configuration = delegate.loadResourceConfiguration();
+
+ // Read server state
+ ReadAttribute op = new ReadAttribute(getAddress(), "name");
+ executeAndGenerateServerUpdateIfNecessary(configuration, op);
+ return configuration;
+ }
+ }
+
+ /** Looks up whether the current node supports the Module Options.
+ *
+ * @param grandParentType
+ * @return
+ */
+ private boolean supportsLoginModuleOptionType(ResourceType grandParentType) {
+ boolean supportModuleOptionTypes = false;
+ if (grandParentType != null) {
+ for (String moduleOptionType : supportedModuleOptionTypeNodes) {
+ if (grandParentType.getName().indexOf(moduleOptionType) > -1) {
+ supportModuleOptionTypes = true;
+ }
+ }
+ }
+ return supportModuleOptionTypes;
+ }
+
+ /**Iterates through the list of supported Module Option Type nodes
+ * to determine if the current node is i)supported Module option node or
+ * ii)the immediated child of a supported Module option node.
+ *
+ * @param parentType
+ * @param resourceType
+ * @return
+ */
+ private boolean isSupportedModuleOptionTypeOrImmediateChildOf(ResourceType
parentType, ResourceType resourceType) {
+ boolean loadThisConfiguration = false;
+ if ((parentType != null) && (resourceType != null)) {
+ for (String moduleOptionType : attributeMap.keySet()) {
+ if ((parentType.getName().equals(moduleOptionType))
+ || (resourceType.getName().equals(moduleOptionType))) {
+ loadThisConfiguration = true;
+ }
+ }
+
+ }
+ return loadThisConfiguration;
+ }
+
+ /** Handles the different types of configuration population based on the attribute
value passed in.
+ *
+ * @param configuration
+ * @param attribute
+ * @param loaded
+ */
+ private void populateCodeFlagType(Configuration configuration, String attribute,
Value loaded) {
+ if (attribute.equals(providerModules)) {//audit=classic. Ex. only code
+ PropertySimple currentValue = new PropertySimple("code",
loaded.getCode());
+ configuration.put(currentValue);
+ } else if (attribute.equals(mappingModules)) {//mapping=classic. Ex. code type
+ PropertySimple currentValue = new PropertySimple("code",
loaded.getCode());
+ PropertySimple currentValue2 = new PropertySimple("type",
loaded.getType());
+ configuration.put(currentValue);
+ configuration.put(currentValue2);
+ } else {//code flag
+ PropertySimple currentValue = new PropertySimple("code",
loaded.getCode());
+ PropertySimple currentValue2 = new PropertySimple("flag",
loaded.getFlag());
+ configuration.put(currentValue);
+ configuration.put(currentValue2);
+ }
+ }
+
+ /** Populates the Value instance passed in or returns new Value instance with values
loaded.
+ *
+ * @param configuration
+ * @param attribute
+ * @param loaded
+ * @return
+ */
+ private Value loadCodeFlagType(Configuration configuration, String attribute, Value
loaded) {
+ //if required data is not present then return null.
+ if ((configuration == null) || attribute == null) {
+ return null;
+ }
+ if (loaded == null) {// initialize if null
+ loaded = new Value();
+ }
+ if (attribute.equals(providerModules)) {//audit=classic. Ex. only code
+ String code = configuration.getSimpleValue("code");
+ loaded.setCode(code);
+ } else if (attribute.equals(mappingModules)) {//mapping=classic. Ex. code type
+ String code = configuration.getSimpleValue("code");
+ String type = configuration.getSimpleValue("type");
+ loaded.setCode(code);
+ loaded.setType(type);
+ } else {//code flag
+ String code = configuration.getSimpleValue("code");
+ String flag = configuration.getSimpleValue("flag");
+ loaded.setCode(code);
+ loaded.setFlag(flag);
+ }
+ return loaded;
+ }
+
+ @Override
+ public void updateResourceConfiguration(ConfigurationUpdateReport report) {
+ //determine the component
+ ResourceType resourceType = context.getResourceType();
+ ConfigurationDefinition configDef =
resourceType.getPluginConfigurationDefinition();
+ Set<ResourceType> nodeParentTypes =
context.getResourceType().getParentResourceTypes();
+ ResourceType parentType = (ResourceType) nodeParentTypes.toArray()[0];
+ ResourceType grandParentType = (ResourceType)
parentType.getParentResourceTypes().toArray()[0];
+ ///if child of SecurityDomain then
+ if (isSupportedModuleOptionTypeOrImmediateChildOf(parentType, resourceType)) {
+ boolean currentNodeIsModuleType = false;
+ if (ModuleOptionsComponent.attributeMap.get(resourceType.getName()) != null)
{
+ currentNodeIsModuleType = true;
+ }
+ //get type and lookup supported node and type
+ //retreive the parent resource
+ String attribute =
ModuleOptionsComponent.attributeMap.get(parentType.getName());
+ if (currentNodeIsModuleType) {
+ attribute =
ModuleOptionsComponent.attributeMap.get(resourceType.getName());
+ }
+
+ //get the current attribute value. Will write module types back out exactly
as read in with these new updates
+ ReadAttribute op = new ReadAttribute(address, attribute);
+ Result result = getASConnection().execute(op);
+ if (result.isSuccess()) {
+ List<String> entries = (List<String>) result.getResult();
+
+ //populate attribute values
+ List<Value> currentAttributeState = new ArrayList<Value>();
+ currentAttributeState =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+
+ //retrieve current config changes
+ Configuration conf = report.getConfiguration();
+
+ if (currentNodeIsModuleType) {//grab first available module type
+ Value loaded = currentAttributeState.get(0);
+ //iterate over properties and update values appropriately
+ for (String pKey : conf.getSimpleProperties().keySet()) {
+ if (pKey.equals("flag")) {
+
loaded.setFlag(conf.getSimpleProperties().get(pKey).getStringValue());
+ } else if (pKey.equals("code")) {
+
loaded.setCode(conf.getSimpleProperties().get(pKey).getStringValue());
+ } else if (pKey.equals("type")) {
+
loaded.setType(conf.getSimpleProperties().get(pKey).getStringValue());
+ }
+ }
+ Operation write = new WriteAttribute(address);
+ write.addAdditionalProperty("name", attribute);//attribute
to execute on
+
+ //now complete the write operation by updating the value
+ write.addAdditionalProperty("value", (Object)
currentAttributeState);
+ executeWriteAndGenerateAs7ServerUpdate(report, conf, write);
+ } else {//Need to locate specific module type
+
+ //locate specific node and populate the config
+ String loginModuleIdentifier = attribute + ":";
+ int index = path.indexOf(loginModuleIdentifier);
+ String loginModuleIndex = path.substring(index +
loginModuleIdentifier.length());
+ int lmi = Integer.valueOf(loginModuleIndex);//Ex 0,1,30
+ Value valueObject = currentAttributeState.get(lmi);
+
+ //iterate over properties and update values appropriately
+ for (String pKey : conf.getSimpleProperties().keySet()) {
+ if (pKey.equals("flag")) {
+
valueObject.setFlag(conf.getSimpleProperties().get(pKey).getStringValue());
+ } else if (pKey.equals("code")) {
+
valueObject.setCode(conf.getSimpleProperties().get(pKey).getStringValue());
+ } else if (pKey.equals("type")) {
+
valueObject.setType(conf.getSimpleProperties().get(pKey).getStringValue());
+ }
+ }
+ Operation write = new WriteAttribute(address);
+ write.addAdditionalProperty("name", attribute);//attribute to
execute on
+
+ //now complete the write operation by updating the value
+ write.addAdditionalProperty("value", (Object)
currentAttributeState);
+ executeWriteAndGenerateAs7ServerUpdate(report, conf, write);
+ }
+ }
+ } else if (supportsLoginModuleOptionType(grandParentType)) {//Module Options
child.
+ //get type and lookup supported node and type
+ String attribute =
ModuleOptionsComponent.attributeMap.get(grandParentType.getName());
+
+ //get the current attribute value. Will write module types back out exactly
as read in with these new updates
+ ReadAttribute op = new ReadAttribute(address, attribute);
+ Result result = getASConnection().execute(op);
+ if (result.isSuccess()) {
+
+ //populate attribute values
+ List<Value> currentAttributeState = new ArrayList<Value>();
+ currentAttributeState =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+
+ //locate specific node and populate the config
+ String loginModuleIdentifier = attribute + ":";
+ int index = path.indexOf(loginModuleIdentifier);
+ String loginModuleIndex = path.substring(index +
loginModuleIdentifier.length());
+ String[] split = loginModuleIndex.split(",");
+ int lmi = Integer.valueOf(split[0]);//Ex 0,1,30
+ Value valueObject = currentAttributeState.get(lmi);
+
+ //retrieve current config changes
+ Configuration conf = report.getConfiguration();
+ //list current conf stated being defined.
+ String mapKey = (String) conf.getMap().keySet().toArray()[0];
+ PropertyMap mapType = (PropertyMap) conf.getMap().get(mapKey);
+ //insert update logic.
+ //set this new state passed in as state of the attribute.
+ LinkedHashMap<String, Object> currentOptions = new
LinkedHashMap<String, Object>();
+ for (String propertyKey : mapType.getMap().keySet()) {
+ currentOptions.put(propertyKey, ((PropertySimple)
mapType.get(propertyKey)).getStringValue());
+ }
+
+ //make these settings the new state for this part of the attribute.
+ valueObject.setOptions(currentOptions);
+ currentAttributeState.set(lmi, valueObject);
+
+ Operation write = new WriteAttribute(address);
+ write.addAdditionalProperty("name", attribute);//attribute to
execute on
+
+ //now complete the write operation by updating the value
+ write.addAdditionalProperty("value", (Object)
currentAttributeState);
+ executeWriteAndGenerateAs7ServerUpdate(report, conf, write);
+ }
+ } else {
+ ConfigurationWriteDelegate delegate = new
ConfigurationWriteDelegate(configDef, getASConnection(), address);
+ delegate.updateResourceConfiguration(report);
+ }
+
+ }
+
+ /**Executes boilerplate finish for write operation.
+ *
+ * @param report
+ * @param conf
+ * @param write
+ */
+ private void executeWriteAndGenerateAs7ServerUpdate(ConfigurationUpdateReport report,
Configuration conf,
+ Operation write) {
+ Result result;
+ result = getASConnection().execute(write);
+ if (!result.isSuccess()) {
+ report.setStatus(ConfigurationUpdateStatus.FAILURE);
+ report.setErrorMessage(result.getFailureDescription());
+ } else {
+ report.setStatus(ConfigurationUpdateStatus.SUCCESS);
+ // signal "need reload"
+ if (result.isReloadRequired()) {
+ PropertySimple oobMessage = new PropertySimple("__OOB",
+ "The server needs a reload for the latest changes to come
effective.");
+ conf.put(oobMessage);
+ }
+ if (result.isRestartRequired()) {
+ PropertySimple oobMessage = new PropertySimple("__OOB",
+ "The server needs a restart for the latest changes to come
effective.");
+ conf.put(oobMessage);
+ }
+ }
+ }
+
+ /**Executes boilerplate finish for read operation.
+ *
+ * @param report
+ * @param conf
+ * @param write
+ */
+ private void executeAndGenerateServerUpdateIfNecessary(Configuration configuration,
ReadAttribute op) {
+ Result res = getASConnection().execute(op);
+ if (res.isReloadRequired()) {
+ PropertySimple oobMessage = new PropertySimple("__OOB",
+ "The server needs a reload for the latest changes to come
effective.");
+ configuration.put(oobMessage);
+ }
+ if (res.isRestartRequired()) {
+ PropertySimple oobMessage = new PropertySimple("__OOB",
+ "The server needs a restart for the latest changes to come
effective.");
+ configuration.put(oobMessage);
+ }
+ }
+
+ /** Locates the write ModuleOptionType mapped to the AS7Node attribute passed in.
+ * Ex. 'login-modules' -> Authentication (Classic * type. One of three
types.
+ *
+ * @param attribute
+ * @return
+ */
+ public static ModuleOptionType loadModuleOptionType(String attribute) {
+ ModuleOptionType located = ModuleOptionType.typeMap.get(attribute);
+ if (located == null) {
+ throw new IllegalArgumentException("Unknown node '" +
attribute
+ + "' entered for which no valid ModuleOptionType could be
found.");
+ }
+ return located;
+ }
+
+ /** Takes the result passed in(successful readAttribute for ModuleOptionType) and
+ * parses the json to populate a json object of type List<Value> with the
+ * results.
+ * Handles inconsistencies in model representation for login-modules vs.
+ * the other supported ModuleOptionTypes.
+ *
+ * @param result json.Result type from successful read of attribute.
+ * @param type ModuleOptionType
+ * @return List<Value> type populated with moduleOption details.
+ */
+ public static List<Value> populateSecurityDomainModuleOptions(Result result,
ModuleOptionType type) {
+ //initialize empty
+ List<Value> populated = new ArrayList<Value>();
+ //input validation
+ if ((result != null) && (result.isSuccess())) {
+
+ //parse json and populate the object.
+ Object rawResult = result.getResult();
+
+ if (rawResult instanceof ArrayList) {
+ //iterate over the module option type passed in.
+ ArrayList moduleOptionTypeChildrenList = (ArrayList) rawResult;
+ for (int i = 0; i < moduleOptionTypeChildrenList.size(); i++) {
+ Value value = new Value();
+ //stores current <module-options> defined.
+ LinkedHashMap<String, Object> optionsMap = new
LinkedHashMap<String, Object>();
+ Object entryCheck = ((ArrayList) rawResult).get(i);
+
+ if (entryCheck instanceof HashMap) {
+
+ //this is the root attribute map for all children of the specific
custom Security Domain
+ //type attributes.
+ Map<String, Object> attributeMap = (HashMap<String,
Object>) entryCheck;
+ for (String key : attributeMap.keySet()) {
+
+ //peek at contents to exclude empty values.
+ String extracted = String.valueOf(attributeMap.get(key));
+ if (!extracted.trim().isEmpty()) {
+ if (key.equals("flag")) {
+ value.setFlag(extracted);
+ } else if (key.equals("code")) {
+ value.setCode(extracted);
+ } else if (key.equals("type")) {
+ value.setType(extracted);
+ } else if (key.equals("module-options")) {
+ //Need to support both Map and List types here
because of inconsistent representations.
+ Object optionEntity = attributeMap.get(key);
+ if (optionEntity instanceof HashMap) {
+ Map<String, Object> entryList =
(HashMap<String, Object>) optionEntity;
+ for (String oKey : entryList.keySet()) {
+ //get key and value and populate
ModuleEntries found.
+ optionsMap.put(oKey,
String.valueOf(entryList.get(oKey)));
+ }
+ } else if (optionEntity instanceof ArrayList) {
+ Object listEntryCheck = ((ArrayList)
optionEntity).get(0);
+ if (listEntryCheck instanceof HashMap) {
+ ArrayList list = (ArrayList) optionEntity;
+ for (Object listEntry : list) {//iterate over
each instance to get all values.
+ Map<String, Object> entryList =
(HashMap<String, Object>) listEntry;
+ for (String oKey : entryList.keySet()) {
+ //get key and value and populate
ModuleEntries found.
+ optionsMap.put(oKey,
String.valueOf(entryList.get(oKey)));
+ }
+ }
+ }
+ }//end of if/else
+ }
+ }//end of empty value check
+ }
+ }//end of HashMap for SecurityDomain child check
+ value.setOptions(optionsMap);
+ populated.add(value);
+ }//end of moduleOptionType iteration
+ }
+ }
+
+ return populated;
+ }
+
+ @JsonSerialize(include = Inclusion.NON_NULL)
+ public static class Value {
+ // no args for jackson.
+ public Value() {
+ };
+
+ /** Three possible flags can be set. c-> code f->flag t->type
+ * Acl c f
+ * Authentication c f
+ * Authentication(Jaspi)c f
+ * Authorization c f
+ * Identity Trust c f
+ * Mapping c t
+ * Audit c
+ *
+ * @param code
+ * @param flag
+ * @param type
+ */
+ public Value(String code, String flag, String type) {
+ setCode(code);
+ if ((flag != null) && (!flag.trim().isEmpty())) {
+ setFlag(flag);
+ }
+ if ((type != null) && (!type.trim().isEmpty())) {
+ setType(type);
+ }
+ }
+
+ //default to empty string for case where specific attribute is not used.
+ @JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+ private String flag;
+ private String code;
+ @JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+ private String type;
+
+ public String getType() {
+ return type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ public String getFlag() {
+ return flag;
+ }
+
+ public void setFlag(String flag) {
+ this.flag = flag;
+ }
+
+ public String getCode() {
+ return code;
+ }
+
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ //overrides the type name for serialization/deserialization.
+ @JsonProperty(value = "module-options")
+ @JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+ private LinkedHashMap<String, Object> options = null;
+
+ @JsonProperty(value = "module-options")
+ public LinkedHashMap<String, Object> getOptions() {
+ if (options == null) {
+ options = new LinkedHashMap<String, Object>();
+ }
+ return options;
+ }
+
+ @JsonProperty(value = "module-options")
+ public void setOptions(LinkedHashMap<String, Object> options) {
+ this.options = options;
+ }
+
+ @Override
+ public String toString() {
+ String serialized = "";
+ serialized += "code=" + getCode() + ", ";
+ if (getFlag() != null) {
+ serialized += "flag=" + getFlag() + ", ";
+ } else if (getType() != null) {
+ serialized += "type=" + getType() + ", ";
+ }
+ String options = "module-options=";
+ if (getOptions().isEmpty()) {
+ options += " {}";
+ } else {
+ options += " {";
+ for (String key : getOptions().keySet()) {
+ options += key + "=\"" + getOptions().get(key) +
"\",";
+ }
+ options = options.substring(0, options.length() - 1);
+ options += "} ";
+ }
+ serialized += options;
+ return serialized;
+ }
+ }
+
+ /** Handles the creation of
+ *
+ * @param address
+ * @param attribute
+ * @param moduleTypeValue
+ * @return
+ */
+ public static Operation createAddModuleOptionTypeOperation(Address address, String
attribute,
+ List<Value> moduleTypeValue) {
+ Operation add = null;
+ if ((address != null) & (attribute != null) & (moduleTypeValue != null))
{
+ add = new Operation("add", address);
+ add.addAdditionalProperty(attribute, moduleTypeValue);
+ }
+ return add;
+ }
+}
diff --git
a/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsDiscoveryComponent.java
b/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsDiscoveryComponent.java
new file mode 100644
index 0000000..619d7d5
--- /dev/null
+++
b/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/ModuleOptionsDiscoveryComponent.java
@@ -0,0 +1,188 @@
+package org.rhq.modules.plugins.jbossas7;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.rhq.core.domain.configuration.Configuration;
+import org.rhq.core.domain.configuration.PropertySimple;
+import org.rhq.core.pluginapi.inventory.DiscoveredResourceDetails;
+import org.rhq.core.pluginapi.inventory.InvalidPluginConfigurationException;
+import org.rhq.core.pluginapi.inventory.ResourceDiscoveryComponent;
+import org.rhq.core.pluginapi.inventory.ResourceDiscoveryContext;
+import org.rhq.modules.plugins.jbossas7.ModuleOptionsComponent.Value;
+import org.rhq.modules.plugins.jbossas7.json.Address;
+import org.rhq.modules.plugins.jbossas7.json.ReadAttribute;
+import org.rhq.modules.plugins.jbossas7.json.ReadChildrenNames;
+import org.rhq.modules.plugins.jbossas7.json.ReadResource;
+import org.rhq.modules.plugins.jbossas7.json.Result;
+
+/**
+ * Discovery class for Module Options nodes.
+ *
+ * @author Simeon Pinder
+ */
+public class ModuleOptionsDiscoveryComponent implements
ResourceDiscoveryComponent<BaseComponent<?>> {
+
+ private final Log log = LogFactory.getLog(this.getClass());
+
+ @Override
+ public Set<DiscoveredResourceDetails>
discoverResources(ResourceDiscoveryContext<BaseComponent<?>> context)
+ throws InvalidPluginConfigurationException, Exception {
+
+ Set<DiscoveredResourceDetails> details = new
HashSet<DiscoveredResourceDetails>();
+
+ BaseComponent parentComponent = context.getParentResourceComponent();
+ ASConnection connection = parentComponent.getASConnection();
+
+ Configuration config = context.getDefaultPluginConfiguration();
+ String confPath = config.getSimpleValue("path", "");
+ if (confPath == null || confPath.isEmpty()) {
+ log.error("Path plugin config is null for ResourceType [" +
context.getResourceType().getName() + "].");
+ return details;
+ }
+
+ //locate parent component identifier via path
+ Configuration configParent = parentComponent.pluginConfiguration;
+ String parentConfPath = configParent.getSimpleValue("path",
"");
+
+ //create relevant path and address details.
+ String path = confPath;//Ex. subsystem=security
+ //processing to retrieve parent for profile/domain mode.
+ if ((parentConfPath != null) && (!parentConfPath.isEmpty())) {
+ path = parentConfPath + "," + confPath;//Ex.
profile=standalone-ha,subsystem=security
+ }
+
+ String name = "";//name=security
+ Address address = new Address(path);
+
+ //process the specific nodes
+ //Then we need to find out which of subchildren of ModOpsComponent is used
i)security-domain=*
+ //ii)[Authentication*,etc] or iii)[ModOptions]
+
+ //path should already be right
+ if (path.endsWith("security-domain")) {//individual security domain
entries
+ //ex. path => /subsystem=security/security-domain=(entry name)
+ //find all children and iterate over and update name appropriately
+ Address typeAddress = new Address(path);
+ String childType = "security-domain";
+ Result result = connection.execute(new ReadChildrenNames(typeAddress,
childType));
+
+ if (result.isSuccess()) {
+
+ @SuppressWarnings("unchecked")
+ List<String> children = (List<String>) result.getResult();
+ for (String child : children) {
+ //update the components for discovery
+ name = child;//ex. basic, databaseDomain
+ String currentChildPath = path + //ex.
/subsystem=security,security-domain=jboss-web
+ "=" + child;
+ address = new Address(currentChildPath);
+ addDiscoveredResource(context, details, connection, currentChildPath,
name, address);
+ }
+ }
+ } else if (ifResourceIsSupportedModuleType(path)) {//is ModOptions map child
+ //ex. path => /subsystem=security/security-domain=(entry
name)/authentication=classic/login-modules
+ //Ex. String attribute = "login-modules";
+ String attribute = lookupAttributeType(path);
+ //query all the module-options defined and discover them here
+ //Ex. String typeAddress =
"subsystem=security,security-domain=testDomain2,authentication=classic";
+ String typeAddress = parentConfPath;
+ ReadAttribute readModuleOptionType = new ReadAttribute(new
Address(typeAddress), attribute);
+ Result result = connection.execute(readModuleOptionType);
+ if (result.isSuccess()) {
+ List<Value> loadedLoginModuleTypes =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+ int moduleIndex = 0;
+ for (Value loginModule : loadedLoginModuleTypes) {
+ //Ex. name = "Login Module " + moduleIndex;
+ name =
ModuleOptionsComponent.ModuleOptionType.readableNameMap.get(attribute) + " " +
moduleIndex;
+ //Ex.
subsystem=security,security-domain=testDomain2,authentication=classic,login-modules:0
+ String currentPath = path + ":" + moduleIndex++;
+ //add the discovered resource
+ addDiscoveredResource(context, details, connection, currentPath,
name, address);
+ }
+ }
+ } else if (path.endsWith("module-options")) {//is ModOptions map child
+ //ex. path => /subsystem=security/security-domain=(entry
name)/acl=classic/login-modules*module-options
+ //update name appropriately
+ name = "Module Options";
+ //add the discovered resource
+ addDiscoveredResource(context, details, connection, path, name, address);
+ } else {//[Authentication*,etc] children aka all others.
+ //ex. path => /subsystem=security/security-domain=(entry
name)/authentication=classic
+ //update name appropriately
+ name = context.getResourceType().getName();//Authentication (Classic).
Singletons.
+ //add the discovered resource
+ addDiscoveredResource(context, details, connection, path, name, address);
+ }
+ return details;
+ }
+
+ private String lookupAttributeType(String path) {
+ String attribute = null;
+ if ((path != null) && (!path.trim().isEmpty())) {
+ //Ex.
subsystem=security,security-domain=testDomain2,authentication=classic,login-modules
+ String[] segments = path.split(",");
+ //contents of last segment should be the 'attribute' value of one of
the ModuleOptionTypes
+ if (segments.length > 1) {
+ String last = segments[segments.length - 1];
+ if
(ModuleOptionsComponent.ModuleOptionType.typeMap.keySet().contains(last)) {
+ attribute = last;
+ }
+ }
+ }
+ return attribute;
+ }
+
+ private boolean ifResourceIsSupportedModuleType(String path) {
+ boolean resourceIsSupported =false;
+ if ((path != null) && (!path.trim().isEmpty())) {
+ //Ex.
subsystem=security,security-domain=testDomain2,authentication=classic,login-modules
+ String[] segments = path.split(",");
+ //contents of last segment should be the 'attribute' value of one of
the ModuleOptionTypes
+ if (segments.length > 1) {
+ String last = segments[segments.length - 1];
+ if
(ModuleOptionsComponent.ModuleOptionType.typeMap.keySet().contains(last)) {
+ resourceIsSupported = true;
+ }
+ }
+ }
+ return resourceIsSupported;
+ }
+
+ /** Adds discovered resource.
+ *
+ * @param context
+ * @param details
+ * @param connection
+ * @param path
+ * @param name
+ * @param address
+ */
+ private void addDiscoveredResource(ResourceDiscoveryContext context,
Set<DiscoveredResourceDetails> details,
+ ASConnection connection, String path, String name, Address address) {
+ //ping the resource to determine if it's enabled and available.
+ ReadResource op = new ReadResource(address);
+ Result result = connection.execute(op);
+ if (result.isSuccess()) {
+
+ //include the config entry for the discovered node.
+ Configuration config2 = context.getDefaultPluginConfiguration();
+ //add path component to config as well.
+ PropertySimple pathProp = new PropertySimple("path", path);
+ config2.put(pathProp);
+
+ DiscoveredResourceDetails detail = new
DiscoveredResourceDetails(context.getResourceType(), // DataType
+ path, // Key
+ name, // Name
+ null, // Version
+ context.getResourceType().getDescription(), // Description
+ config2, null);
+ details.add(detail);
+ }
+ }
+}
diff --git a/modules/plugins/jboss-as-7/src/main/resources/META-INF/rhq-plugin.xml
b/modules/plugins/jboss-as-7/src/main/resources/META-INF/rhq-plugin.xml
index 956eed8..ecbaea2 100644
--- a/modules/plugins/jboss-as-7/src/main/resources/META-INF/rhq-plugin.xml
+++ b/modules/plugins/jboss-as-7/src/main/resources/META-INF/rhq-plugin.xml
@@ -768,6 +768,60 @@
</resource-configuration>
'>
+ <!ENTITY loginModuleResourceConfig '
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="true"
+ description="Class name of the module to be instantiated.">
+ <c:property-options>
+ <c:option value="AdvancedADLdap" />
+ <c:option value="AdvancedLdap" />
+ <c:option value="Certificate" />
+ <c:option value="CertificateRoles" />
+ <c:option value="CertificateUsers" />
+ <c:option value="Client" />
+ <c:option value="ConfigureIdentity" />
+ <c:option value="Database" />
+ <c:option value="DatabaseCertificate" />
+ <c:option value="DatabaseUsers" />
+ <c:option value="Identity" />
+ <c:option value="Kerberos" />
+ <c:option value="Ldap" />
+ <c:option value="LdapExtended" />
+ <c:option value="LdapUsers" />
+ <c:option value="PropertiesUsers" />
+ <c:option value="RoleMapping" />
+ <c:option value="RunAs" />
+ <c:option value="Simple" />
+ <c:option value="SimpleUsers" />
+ <c:option value="SPNEGOUsers" />
+ <c:option value="UsersRoles" />
+ </c:property-options>
+ </c:simple-property>
+ <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
+ <c:property-options>
+ <c:option value="optional"/>
+ <c:option value="required"/>
+ <c:option value="requisite"/>
+ <c:option value="sufficient"/>
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+'>
+
+ <!ENTITY flagModuleResourceConfig '
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
+ <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
+ <c:property-options>
+ <c:option value="optional"/>
+ <c:option value="required"/>
+ <c:option value="requisite"/>
+ <c:option value="sufficient"/>
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+'>
+
]>
<plugin name="&pluginName;"
displayName="JBoss Application Server 7.x"
@@ -3095,272 +3149,306 @@
</c:simple-property>
</resource-configuration>
- <service name="ACL (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <service name="ACL (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="acl=classic"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl=classic" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="acl-modules" required="false"
description="List of acl modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="true" description="Name of JBoss Module
where the acl provider module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ &flagModuleResourceConfig;
+ <service name="Acl Modules (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <service name="Audit (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl-modules" />
+ </plugin-configuration>
+ &flagModuleResourceConfig;
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="audit=classic"/>
- </plugin-configuration>
+ <service name="Module Options (Acl - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <resource-configuration>
- <c:list-property name="provider-modules"
required="false" description="List of provider modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <service name="Authentication (Classic - Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Acl - Managed Server) -->
+ </service><!-- End of Acl Modules (Managed Server) -->
+ </service>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=classic"/>
- </plugin-configuration>
+ <service name="Audit (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <resource-configuration>
- <c:list-property name="login-modules" required="false"
description="List of authentication modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true"
- description="Class name of the module to be instantiated.">
- <c:property-options>
- <c:option value="AdvancedADLdap" />
- <c:option value="AdvancedLdap" />
- <c:option value="Certificate" />
- <c:option value="CertificateRoles" />
- <c:option value="Client" />
- <c:option value="Database" />
- <c:option value="DatabaseCertificate" />
- <c:option value="DatabaseUsers" />
- <c:option value="Identity" />
- <c:option value="Kerberos" />
- <c:option value="Ldap" />
- <c:option value="LdapExtended" />
- <c:option value="RoleMapping" />
- <c:option value="Simple" />
- <c:option value="SPNEGOUsers" />
- <c:option value="UserRoles" />
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="true" description="Name of JBoss Module
where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="audit=classic" />
+ </plugin-configuration>
- <service name="Authentication (Jaspi - Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
+ <service name="Provider Modules (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=jaspi"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="provider-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
- <resource-configuration>
- <c:list-property name="auth-modules" required="true"
description="List of authentication modules to be used." >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="true" description="Name of JBoss Module
where the auth module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- <c:simple-property name="login-module-stack-ref"
required="false" type="string" readOnly="true"
description="Reference to a login module stack name previously configured in the same
security domain."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
+ <service name="Module Options (Provider Modules - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
- <service name="Login Module Stack (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="login-module-stack"/>
- </plugin-configuration>
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Provider Modules - Managed Server)
-->
+ </service><!-- End of Provider Modules - Managed Server -->
+ </service>
- <resource-configuration>
- <c:list-property name="login-modules"
required="true" description="List of authentication modules" >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module"
required="false" type="string" readOnly="true"
description="Name of JBoss Module where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
- </service>
+ <service name="Authentication (Classic - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <service name="Authorization (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=classic" />
+ </plugin-configuration>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authorization=classic"/>
- </plugin-configuration>
+ <service name="Login Modules (Classic - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <resource-configuration>
- <c:list-property name="policy-modules"
required="false" description="List of authorization modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module"
required="false" type="string" readOnly="true"
description="Name of JBoss Module where the policy module code is
located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-modules" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
- <service name="Identity Trust (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <service name="Module Options (Classic - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="identity-trust=classic"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="trust-modules" required="false"
description="List of trust modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="true" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="true" description="Name of JBoss Module
where the identity trust module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options -->
+ </service><!-- End of Login Modules (Classic - Managed Server) -->
+ </service><!-- End of Authentication (Classic - Managed Server) -->
- <service name="JSSE (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent">
+ <service name="Authentication (Jaspi - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="jsse"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=jaspi" />
+ </plugin-configuration>
- <resource-configuration>
- <c:simple-property name="cipher-suites"
required="false" type="string" readOnly="true"
description="Comma separated list of cipher suites to enable on
SSLSockets."/>
- <c:simple-property name="client-alias"
required="false" type="string" readOnly="true"
description="Preferred alias to use when the KeyManager chooses the client
alias."/>
- <c:simple-property name="client-auth" required="false"
type="boolean" readOnly="true" description="Boolean attribute to
indicate if client's certificates should also be authenticated on the server
side."/>
- <c:map-property name="key-manager" required="false"
description="JSEE Key Manager factory">
- <c:simple-property name="algorithm" required="false"
type="string" readOnly="true" description="Algorithm to use when
creating the KeyManagerFactory."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="true" description="Provider class name to
use when creating the KeyManagerFactory."/>
- </c:map-property>
- <c:map-property name="keystore" required="false"
description="Configures a JSSE key store">
- <c:simple-property name="password" required="false"
type="string" readOnly="true" description="Sets the password of
the keystore. Either this or 'truststore-password' must be
present otherwise the security domain will be useless."/>
- <c:simple-property name="type" required="false"
type="string" readOnly="true" description="Type of the keystore.
If not set, type defaults to 'JKS'."/>
- <c:simple-property name="url" required="false"
type="string" readOnly="true" description="URL of the
keystore."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="true" description="Provider class name to
use when creating the KeyStore."/>
- <c:simple-property name="provider-argument"
required="false" type="string" readOnly="true"
description="String argument to pass to the keystore Provider constructor when
instantiating it."/>
- </c:map-property>
- <c:simple-property name="protocols" required="false"
type="string" readOnly="true" description="Comma separated list
of protocols to enable on SSLSockets."/>
- <c:simple-property name="server-alias"
required="false" type="string" readOnly="true"
description="Preferred alias to use when the KeyManager chooses the server
alias."/>
- <c:simple-property name="service-auth-token"
required="false" type="string" readOnly="true"
description="Token to retrieve PrivateKeys from the KeyStore."/>
- <c:map-property name="trust-manager" required="false"
description="JSEE Trust Manager factory">
- <c:simple-property name="algorithm" required="false"
type="string" readOnly="true" description="Algorithm to use when
creating the TrustManagerFactory."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="true" description="Provider class name to
use when creating the TrustManagerFactory."/>
- </c:map-property>
- <c:map-property name="truststore" required="false"
description="Configures a JSSE trust store">
- <c:simple-property name="password" required="false"
type="string" readOnly="true" description="Sets the password of
the truststore. Either this or 'keystore-password' must be
present otherwise the security domain will be useless."/>
- <c:simple-property name="type" required="false"
type="string" readOnly="true" description="Type of the
truststore. If not set, type defaults to 'JKS'."/>
- <c:simple-property name="url" required="false"
type="string" readOnly="true" description="URL of the
truststore."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="true" description="Provider class name to
use when creating the truststore."/>
- <c:simple-property name="provider-argument"
required="false" type="string" readOnly="true"
description="String argument to pass to the truststore Provider constructor when
instantiating it."/>
- </c:map-property>
- </resource-configuration>
- </service>
+ &loginModuleResourceConfig;
- <service name="Mapping (Managed Server)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true">
+ <service name="Login Module Stack (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="mapping=classic"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-module-stack" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="mapping-modules"
required="false" description="List of modules that map principal, role, and
credential information">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="type" required="true"
type="string" readOnly="true" description="Type of mapping this
module performs. Allowed values are principal, role, attribute or credential.."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="true"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ &loginModuleResourceConfig;
+
+ <service name="Module Options (Login Module Stack (Managed Server))"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options -->
+
+ </service>
+ </service>
+
+ <service name="Authorization (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authorization=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Authorization Modules (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="policy-modules" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Authorization - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Authorization - Managed Server)
-->
+ </service><!-- End of Authorization Modules (Managed Server) -->
+ </service>
+
+ <service name="Identity Trust (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="identity-trust=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+ <service name="Identity Trust Modules (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="trust-modules" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Identity Trust - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Identity Trust - Managed Server)
-->
+ </service><!-- End of Identity Trust Modules (Managed Server) -->
+ </service>
+
+ <service name="JSSE (Managed Server)"
discovery="SubsystemDiscovery" class="BaseComponent">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="jsse" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="cipher-suites" required="false"
type="string" readOnly="true"
+ description="Comma separated list of cipher suites to enable on
SSLSockets." />
+ <c:simple-property name="client-alias" required="false"
type="string" readOnly="true"
+ description="Preferred alias to use when the KeyManager chooses the client
alias." />
+ <c:simple-property name="client-auth" required="false"
type="boolean" readOnly="true"
+ description="Boolean attribute to indicate if client's certificates
should also be authenticated on the server side." />
+ <c:map-property name="key-manager" required="false"
description="JSEE Key Manager factory">
+ <c:simple-property name="algorithm" required="false"
type="string" readOnly="true"
+ description="Algorithm to use when creating the KeyManagerFactory."
/>
+ <c:simple-property name="provider" required="false"
type="string" readOnly="true"
+ description="Provider class name to use when creating the
KeyManagerFactory." />
+ </c:map-property>
+ <c:map-property name="keystore" required="false"
description="Configures a JSSE key store">
+ <c:simple-property name="password" required="false"
type="string" readOnly="true"
+ description="Sets the password of the keystore. Either this or
'truststore-password' must be present otherwise the security
domain will be useless." />
+ <c:simple-property name="type" required="false"
type="string" readOnly="true"
+ description="Type of the keystore. If not set, type defaults to
'JKS'." />
+ <c:simple-property name="url" required="false"
type="string" readOnly="true" description="URL of the
keystore." />
+ <c:simple-property name="provider" required="false"
type="string" readOnly="true"
+ description="Provider class name to use when creating the KeyStore."
/>
+ <c:simple-property name="provider-argument"
required="false" type="string" readOnly="true"
+ description="String argument to pass to the keystore Provider constructor
when instantiating it." />
+ </c:map-property>
+ <c:simple-property name="protocols" required="false"
type="string" readOnly="true"
+ description="Comma separated list of protocols to enable on
SSLSockets." />
+ <c:simple-property name="server-alias" required="false"
type="string" readOnly="true"
+ description="Preferred alias to use when the KeyManager chooses the server
alias." />
+ <c:simple-property name="service-auth-token"
required="false" type="string" readOnly="true"
+ description="Token to retrieve PrivateKeys from the KeyStore." />
+ <c:map-property name="trust-manager" required="false"
description="JSEE Trust Manager factory">
+ <c:simple-property name="algorithm" required="false"
type="string" readOnly="true"
+ description="Algorithm to use when creating the TrustManagerFactory."
/>
+ <c:simple-property name="provider" required="false"
type="string" readOnly="true"
+ description="Provider class name to use when creating the
TrustManagerFactory." />
+ </c:map-property>
+ <c:map-property name="truststore" required="false"
description="Configures a JSSE trust store">
+ <c:simple-property name="password" required="false"
type="string" readOnly="true"
+ description="Sets the password of the truststore. Either this or
'keystore-password' must be present otherwise the security
domain will be useless." />
+ <c:simple-property name="type" required="false"
type="string" readOnly="true"
+ description="Type of the truststore. If not set, type defaults to
'JKS'." />
+ <c:simple-property name="url" required="false"
type="string" readOnly="true" description="URL of the
truststore." />
+ <c:simple-property name="provider" required="false"
type="string" readOnly="true"
+ description="Provider class name to use when creating the
truststore." />
+ <c:simple-property name="provider-argument"
required="false" type="string" readOnly="true"
+ description="String argument to pass to the truststore Provider
constructor when instantiating it." />
+ </c:map-property>
+ </resource-configuration>
+ </service>
+
+ <service name="Mapping (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping=classic" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+ <service name="Mapping Modules (Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+
+ <service name="Module Options (Mapping - Managed Server)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Mapping - Managed Server) -->
+ </service><!-- End of Mapping Modules (Managed Server) -->
+ </service>
</service>
<service name="Vault (Managed Server)"
@@ -5863,8 +5951,8 @@
</service>
<service name="Security (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
+ discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent"
description="The configuration of the security subsystem."
singleton="true">
@@ -5877,8 +5965,8 @@
</resource-configuration>
<service name="Security Domain (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
+ discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent"
createDeletePolicy="both">
<plugin-configuration>
@@ -5894,281 +5982,305 @@
</c:simple-property>
</resource-configuration>
- <service name="ACL (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="ACL (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="acl=classic"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl=classic" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="acl-modules" required="false"
description="List of acl modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the acl provider module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ &flagModuleResourceConfig;
+ <service name="Acl Modules (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <service name="Audit (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl-modules" />
+ </plugin-configuration>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="audit=classic"/>
- </plugin-configuration>
+ &flagModuleResourceConfig;
- <resource-configuration>
- <c:list-property name="provider-modules"
required="false" description="List of provider modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <service name="Module Options (Acl - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <service name="Authentication (Classic - Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=classic"/>
- </plugin-configuration>
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Acl - Profile) -->
+ </service><!-- End of Acl Modules (Profile) -->
+ </service>
- <resource-configuration>
- <c:list-property name="login-modules" required="false"
description="List of authentication modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true"
- description="Class name of the module to be instantiated.">
- <c:property-options>
- <c:option value="AdvancedADLdap" />
- <c:option value="AdvancedLdap" />
- <c:option value="Certificate" />
- <c:option value="CertificateRoles" />
- <c:option value="Client" />
- <c:option value="Database" />
- <c:option value="DatabaseCertificate" />
- <c:option value="DatabaseUsers" />
- <c:option value="Identity" />
- <c:option value="Kerberos" />
- <c:option value="Ldap" />
- <c:option value="LdapExtended" />
- <c:option value="RoleMapping" />
- <c:option value="Simple" />
- <c:option value="SPNEGOUsers" />
- <c:option value="UserRoles" />
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <service name="Audit (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
- <service name="Authentication (Jaspi - Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="audit=classic" />
+ </plugin-configuration>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=jaspi"/>
- </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
+ <service name="Provider Modules (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <resource-configuration>
- <c:list-property name="auth-modules" required="true"
description="List of authentication modules to be used." >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the auth module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- <c:simple-property name="login-module-stack-ref"
required="false" type="string" readOnly="false"
description="Reference to a login module stack name previously configured in the same
security domain."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="provider-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
- <service name="Login Module Stack (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- createDeletePolicy="both">
+ <service name="Module Options (Provider Modules - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="login-module-stack"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="login-modules"
required="true" description="List of authentication modules" >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module"
required="false" type="string" readOnly="false"
description="Name of JBoss Module where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
- </service>
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Provider Modules - Profile) -->
+ </service><!-- End of Provider Modules (Profile) -->
+ </service>
- <service name="Authorization (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Authentication (Classic - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authorization=classic"/>
- </plugin-configuration>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=classic" />
+ </plugin-configuration>
- <resource-configuration>
- <c:list-property name="policy-modules"
required="false" description="List of authorization modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module"
required="false" type="string" readOnly="false"
description="Name of JBoss Module where the policy module code is
located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <service name="Login Modules (Classic - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <service name="Identity Trust (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-modules" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="identity-trust=classic"/>
- </plugin-configuration>
+ <service name="Module Options (Classic - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
- <resource-configuration>
- <c:list-property name="trust-modules" required="false"
description="List of trust modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the identity trust module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
- <service name="JSSE (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- createDeletePolicy="both">
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options -->
+ </service><!-- End of Module Options -->
+ </service><!-- End of Authentication (Classic) -->
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="jsse"/>
- </plugin-configuration>
+ <service name="Authentication (Jaspi - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
- <resource-configuration>
- <c:simple-property name="cipher-suites"
required="false" type="string" readOnly="false"
description="Comma separated list of cipher suites to enable on
SSLSockets."/>
- <c:simple-property name="client-alias"
required="false" type="string" readOnly="false"
description="Preferred alias to use when the KeyManager chooses the client
alias."/>
- <c:simple-property name="client-auth" required="false"
type="boolean" readOnly="false" description="Boolean attribute to
indicate if client's certificates should also be authenticated on the server
side."/>
- <c:map-property name="key-manager" required="false"
description="JSEE Key Manager factory">
- <c:simple-property name="algorithm" required="false"
type="string" readOnly="false" description="Algorithm to use when
creating the KeyManagerFactory."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="false" description="Provider class name
to use when creating the KeyManagerFactory."/>
- </c:map-property>
- <c:map-property name="keystore" required="false"
description="Configures a JSSE key store">
- <c:simple-property name="password" required="false"
type="string" readOnly="false" description="Sets the password of
the keystore. Either this or 'truststore-password' must be
present otherwise the security domain will be useless."/>
- <c:simple-property name="type" required="false"
type="string" readOnly="false" description="Type of the keystore.
If not set, type defaults to 'JKS'."/>
- <c:simple-property name="url" required="false"
type="string" readOnly="false" description="URL of the
keystore."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="false" description="Provider class name
to use when creating the KeyStore."/>
- <c:simple-property name="provider-argument"
required="false" type="string" readOnly="false"
description="String argument to pass to the keystore Provider constructor when
instantiating it."/>
- </c:map-property>
- <c:simple-property name="protocols" required="false"
type="string" readOnly="false" description="Comma separated list
of protocols to enable on SSLSockets."/>
- <c:simple-property name="server-alias"
required="false" type="string" readOnly="false"
description="Preferred alias to use when the KeyManager chooses the server
alias."/>
- <c:simple-property name="service-auth-token"
required="false" type="string" readOnly="false"
description="Token to retrieve PrivateKeys from the KeyStore."/>
- <c:map-property name="trust-manager" required="false"
description="JSEE Trust Manager factory">
- <c:simple-property name="algorithm" required="false"
type="string" readOnly="false" description="Algorithm to use when
creating the TrustManagerFactory."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="false" description="Provider class name
to use when creating the TrustManagerFactory."/>
- </c:map-property>
- <c:map-property name="truststore" required="false"
description="Configures a JSSE trust store">
- <c:simple-property name="password" required="false"
type="string" readOnly="false" description="Sets the password of
the truststore. Either this or 'keystore-password' must be
present otherwise the security domain will be useless."/>
- <c:simple-property name="type" required="false"
type="string" readOnly="false" description="Type of the
truststore. If not set, type defaults to 'JKS'."/>
- <c:simple-property name="url" required="false"
type="string" readOnly="false" description="URL of the
truststore."/>
- <c:simple-property name="provider" required="false"
type="string" readOnly="false" description="Provider class name
to use when creating the truststore."/>
- <c:simple-property name="provider-argument"
required="false" type="string" readOnly="false"
description="String argument to pass to the truststore Provider constructor when
instantiating it."/>
- </c:map-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=jaspi" />
+ </plugin-configuration>
- <service name="Mapping (Profile)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ &loginModuleResourceConfig;
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="mapping=classic"/>
- </plugin-configuration>
+ <service name="Login Module Stack (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
- <resource-configuration>
- <c:list-property name="mapping-modules"
required="false" description="List of modules that map principal, role, and
credential information">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="type" required="true"
type="string" readOnly="false" description="Type of mapping this
module performs. Allowed values are principal, role, attribute or credential.."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-module-stack" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
+
+ <service name="Module Options (Login Module Stack (Profile))"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options -->
+
+ </service>
+ </service>
+
+ <service name="Authorization (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authorization=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+ <service name="Authorization Modules (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="policy-modules" />
+ </plugin-configuration>
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Authorization - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Authorization - Profile) -->
+ </service><!-- End of Authorization Modules (Profile) -->
+ </service>
+
+ <service name="Identity Trust (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="identity-trust=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+ <service name="Identity Trust Modules (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="trust-modules" />
+ </plugin-configuration>
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Identity Trust - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent" singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Identity Trust - Profile) -->
+ </service><!-- End of Identity Trust Modules (Profile) -->
+ </service>
+
+ <service name="JSSE (Profile)" discovery="SubsystemDiscovery"
class="BaseComponent" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="jsse" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="cipher-suites" required="false"
type="string" readOnly="false"
+ description="Comma separated list of cipher suites to enable on
SSLSockets." />
+ <c:simple-property name="client-alias" required="false"
type="string" readOnly="false"
+ description="Preferred alias to use when the KeyManager chooses the client
alias." />
+ <c:simple-property name="client-auth" required="false"
type="boolean" readOnly="false"
+ description="Boolean attribute to indicate if client's certificates
should also be authenticated on the server side." />
+ <c:map-property name="key-manager" required="false"
description="JSEE Key Manager factory">
+ <c:simple-property name="algorithm" required="false"
type="string" readOnly="false"
+ description="Algorithm to use when creating the KeyManagerFactory."
/>
+ <c:simple-property name="provider" required="false"
type="string" readOnly="false"
+ description="Provider class name to use when creating the
KeyManagerFactory." />
+ </c:map-property>
+ <c:map-property name="keystore" required="false"
description="Configures a JSSE key store">
+ <c:simple-property name="password" required="false"
type="string" readOnly="false"
+ description="Sets the password of the keystore. Either this or
'truststore-password' must be present otherwise the security
domain will be useless." />
+ <c:simple-property name="type" required="false"
type="string" readOnly="false"
+ description="Type of the keystore. If not set, type defaults to
'JKS'." />
+ <c:simple-property name="url" required="false"
type="string" readOnly="false" description="URL of the
keystore." />
+ <c:simple-property name="provider" required="false"
type="string" readOnly="false"
+ description="Provider class name to use when creating the KeyStore."
/>
+ <c:simple-property name="provider-argument"
required="false" type="string" readOnly="false"
+ description="String argument to pass to the keystore Provider constructor
when instantiating it." />
+ </c:map-property>
+ <c:simple-property name="protocols" required="false"
type="string" readOnly="false"
+ description="Comma separated list of protocols to enable on
SSLSockets." />
+ <c:simple-property name="server-alias" required="false"
type="string" readOnly="false"
+ description="Preferred alias to use when the KeyManager chooses the server
alias." />
+ <c:simple-property name="service-auth-token"
required="false" type="string" readOnly="false"
+ description="Token to retrieve PrivateKeys from the KeyStore." />
+ <c:map-property name="trust-manager" required="false"
description="JSEE Trust Manager factory">
+ <c:simple-property name="algorithm" required="false"
type="string" readOnly="false"
+ description="Algorithm to use when creating the TrustManagerFactory."
/>
+ <c:simple-property name="provider" required="false"
type="string" readOnly="false"
+ description="Provider class name to use when creating the
TrustManagerFactory." />
+ </c:map-property>
+ <c:map-property name="truststore" required="false"
description="Configures a JSSE trust store">
+ <c:simple-property name="password" required="false"
type="string" readOnly="false"
+ description="Sets the password of the truststore. Either this or
'keystore-password' must be present otherwise the security
domain will be useless." />
+ <c:simple-property name="type" required="false"
type="string" readOnly="false"
+ description="Type of the truststore. If not set, type defaults to
'JKS'." />
+ <c:simple-property name="url" required="false"
type="string" readOnly="false" description="URL of the
truststore." />
+ <c:simple-property name="provider" required="false"
type="string" readOnly="false"
+ description="Provider class name to use when creating the
truststore." />
+ <c:simple-property name="provider-argument"
required="false" type="string" readOnly="false"
+ description="String argument to pass to the truststore Provider
constructor when instantiating it." />
+ </c:map-property>
+ </resource-configuration>
+ </service>
+
+ <service name="Mapping (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping=classic" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+ <service name="Mapping Modules (Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+
+ <service name="Module Options (Mapping - Profile)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:map-property name="Module Options" required="false"
/>
+ </resource-configuration>
+ </service><!-- End of Module Options (Mapping - Profile) -->
+ </service><!-- End of Mapping Modules (Managed Server) -->
+ </service>
</service>
<service name="Vault (Profile)"
@@ -6611,6 +6723,27 @@
<c:simple-property name="routing-name"
required="false" type="string" readOnly="false"
description="Routing name of the divert"/>
<c:simple-property name="transformer-class-name"
required="false" type="string" readOnly="false"
description="The name of a class used to transform the message's body or
properties before it is diverted."/>
</resource-configuration>
+
+ <service name="Module Option"
+ discovery="SubsystemDiscovery"
+ class="BaseComponent"
+ createDeletePolicy="both"
+ description="The module options to be used."
+ singleton="true">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="module-options"/>
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:list-property name="Modules Options"
required="false" description="List of module options.">
+ <c:map-property name="*" required="false">
+ <c:simple-property name="name"/>
+ <c:simple-property name="value"/>
+ </c:map-property>
+ </c:list-property>
+ </resource-configuration>
+ </service>
</service>
<service name="Queue (Profile)"
@@ -10323,8 +10456,8 @@
</resource-configuration>
<service name="Security Domain"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
+ discovery="ModuleOptionsDiscoveryComponent"
+ class="ModuleOptionsComponent"
createDeletePolicy="both">
<plugin-configuration>
@@ -10352,219 +10485,200 @@
</c:simple-property>
</resource-configuration>
- <service name="ACL"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="ACL" discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent" singleton="true"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+ <service name="Acl Modules"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="acl-modules" />
+ </plugin-configuration>
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Acl)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="acl=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="acl-modules" required="false"
description="List of acl modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the acl provider module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options (Acl) -->
+ </service><!-- End of Acl Modules -->
+ </service>
- <service name="Audit"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Audit"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent" singleton="true"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="audit=classic" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
+ <service name="Provider Modules"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="provider-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ </resource-configuration>
+
+ <service name="Module Options (Provider Modules)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="audit=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="provider-modules"
required="false" description="List of provider modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options (Provider Modules) -->
+ </service><!-- End of Provider Modules -->
+ </service>
- <service name="Authentication (Classic)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Authentication (Classic)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=classic" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
+
+ <service name="Login Modules (Classic)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-modules" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
+
+ <service name="Module Options (Classic)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="login-modules" required="false"
description="List of authentication modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="true"
- description="Class name of the module to be instantiated.">
- <c:property-options>
- <c:option value="AdvancedADLdap" />
- <c:option value="AdvancedLdap" />
- <c:option value="Certificate" />
- <c:option value="CertificateRoles" />
- <c:option value="Client" />
- <c:option value="Database" />
- <c:option value="DatabaseCertificate" />
- <c:option value="DatabaseUsers" />
- <c:option value="Identity" />
- <c:option value="Kerberos" />
- <c:option value="Ldap" />
- <c:option value="LdapExtended" />
- <c:option value="RoleMapping" />
- <c:option value="Simple" />
- <c:option value="SPNEGOUsers" />
- <c:option value="UserRoles" />
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options -->
+ </service><!-- End of Login Modules (Classic) -->
+ </service><!-- End of Authentication (Classic) -->
- <service name="Authentication (Jaspi)"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Authentication (Jaspi)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authentication=jaspi" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
+
+ <service name="Login Module Stack"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="login-module-stack" />
+ </plugin-configuration>
+
+ &loginModuleResourceConfig;
+
+ <service name="Module Options (Login Module Stack)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authentication=jaspi"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="auth-modules" required="true"
description="List of authentication modules to be used." >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the auth module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- <c:simple-property name="login-module-stack-ref"
required="false" type="string" readOnly="false"
description="Reference to a login module stack name previously configured in the same
security domain."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
+ </service><!-- End of Module Options -->
- <service name="Login Module Stack"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- createDeletePolicy="both">
+ </service>
+ </service>
- <plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="login-module-stack"/>
- </plugin-configuration>
+ <service name="Authorization"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
- <resource-configuration>
- <c:list-property name="login-modules" required="true"
description="List of authentication modules" >
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the login module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
- </resource-configuration>
- </service>
- </service>
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="authorization=classic" />
+ </plugin-configuration>
- <service name="Authorization"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ &flagModuleResourceConfig;
+
+ <service name="Authorization Modules"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="policy-modules" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Authorization)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="authorization=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="policy-modules" required="false"
description="List of authorization modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the policy module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options (Authorization) -->
+ </service><!-- End of Authorization Modules -->
+ </service>
- <service name="Identity Trust"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Identity Trust"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true" createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="identity-trust=classic" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Identity Trust Modules"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="trust-modules" />
+ </plugin-configuration>
+
+ &flagModuleResourceConfig;
+
+ <service name="Module Options (Identity Trust)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="identity-trust=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="trust-modules" required="false"
description="List of trust modules">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="flag" required="true"
type="string" readOnly="false" description="The flag controls how
the module participates in the overall procedure. Allowed values are requisite, required,
sufficient or optional.">
- <c:property-options>
- <c:option value="sufficient"/>
- <c:option value="requisite"/>
- <c:option value="optional"/>
- <c:option value="required"/>
- </c:property-options>
- </c:simple-property>
- <c:simple-property name="module" required="false"
type="string" readOnly="false" description="Name of JBoss Module
where the identity trust module code is located."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options (Identity Trust) -->
+ </service><!-- End of Identity Trust Modules -->
+ </service>
<service name="JSSE"
discovery="SubsystemDiscovery"
@@ -10607,26 +10721,59 @@
</resource-configuration>
</service>
- <service name="Mapping"
- discovery="SubsystemDiscovery"
- class="BaseComponent"
- singleton="true"
- createDeletePolicy="both">
+ <service name="Mapping"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent" singleton="true"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping=classic" />
+ </plugin-configuration>
+
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+ <service name="Mapping Modules"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ createDeletePolicy="both">
+
+ <plugin-configuration>
+ <c:simple-property name="path" readOnly="true"
default="mapping-modules" />
+ </plugin-configuration>
+ <resource-configuration>
+ <c:simple-property name="code" required="true"
type="string" readOnly="false"
+ description="Class name of the module to be instantiated." />
+ <c:simple-property name="type" required="true"
type="string" readOnly="false"
+ description="Type of mapping this module performs. Allowed values are
principal, role, attribute or credential..">
+ <c:property-options>
+ <c:option value="attribute" />
+ <c:option value="credential" />
+ <c:option value="principal" />
+ <c:option value="role" />
+ </c:property-options>
+ </c:simple-property>
+ </resource-configuration>
+
+ <service name="Module Options (Mapping)"
discovery="ModuleOptionsDiscoveryComponent"
class="ModuleOptionsComponent"
+ singleton="true">
<plugin-configuration>
- <c:simple-property name="path" readOnly="true"
default="mapping=classic"/>
+ <c:simple-property name="path" readOnly="true"
default="module-options" />
</plugin-configuration>
<resource-configuration>
- <c:list-property name="mapping-modules" required="false"
description="List of modules that map principal, role, and credential
information">
- <c:map-property name="*" required="false">
- <c:simple-property name="code" required="true"
type="string" readOnly="false" description="Class name of the
module to be instantiated."/>
- <c:simple-property name="type" required="true"
type="string" readOnly="false" description="Type of mapping this
module performs. Allowed values are principal, role, attribute or credential.."/>
- <c:simple-property name="module-options"
required="false" type="string" readOnly="false"
description="List of module options containing a name/value pair."/>
- </c:map-property>
- </c:list-property>
+ <c:map-property name="Module Options" required="false"
/>
</resource-configuration>
- </service>
+ </service><!-- End of Module Options (Mapping) -->
+ </service><!-- End of Mapping Modules -->
+ </service>
</service>
<service name="Vault"
diff --git
a/modules/plugins/jboss-as-7/src/test/java/org/rhq/modules/plugins/jbossas7/SecurityModuleOptionsTest.java
b/modules/plugins/jboss-as-7/src/test/java/org/rhq/modules/plugins/jbossas7/SecurityModuleOptionsTest.java
new file mode 100644
index 0000000..49d8040
--- /dev/null
+++
b/modules/plugins/jboss-as-7/src/test/java/org/rhq/modules/plugins/jbossas7/SecurityModuleOptionsTest.java
@@ -0,0 +1,319 @@
+/*
+ * RHQ Management Platform
+ * Copyright (C) 2005-2011 Red Hat, Inc.
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+package org.rhq.modules.plugins.jbossas7;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.List;
+
+import org.codehaus.jackson.JsonGenerationException;
+import org.codehaus.jackson.JsonNode;
+import org.codehaus.jackson.JsonProcessingException;
+import org.codehaus.jackson.map.JsonMappingException;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.codehaus.jackson.map.SerializationConfig;
+import org.testng.annotations.BeforeSuite;
+import org.testng.annotations.Test;
+
+import org.rhq.modules.plugins.jbossas7.ModuleOptionsComponent.ModuleOptionType;
+import org.rhq.modules.plugins.jbossas7.ModuleOptionsComponent.Value;
+import org.rhq.modules.plugins.jbossas7.json.Address;
+import org.rhq.modules.plugins.jbossas7.json.Operation;
+import org.rhq.modules.plugins.jbossas7.json.ReadAttribute;
+import org.rhq.modules.plugins.jbossas7.json.Remove;
+import org.rhq.modules.plugins.jbossas7.json.Result;
+import org.rhq.modules.plugins.jbossas7.json.WriteAttribute;
+
+/**
+ * Test exercising the subsystem=security/SecurityDomain/[Authentication, Authorization,
Mapping, Audit, Acl,
+ * Identity-Trust]
+ * @author Simeon Pinder
+ */
+@Test(groups = "unit")
+public class SecurityModuleOptionsTest extends AbstractConfigurationHandlingTest {
+
+ private static String user = "rhqadmin";
+ private static String pass = "as7";
+ private static String host = "localhost";
+ private static ASConnection con = null;
+ private static ObjectMapper mapper = null;
+ private ModuleOptionsComponent moc = null;
+
+ //Define some shared and reusable content
+ static HashMap<String, String> jsonMap = new HashMap<String, String>();
+ static {
+ jsonMap
+ .put(
+ "login-modules",
+ "[{\"flag\":\"required\",
\"code\":\"Ldap\",
\"module-options\":{\"bindDn\":\"uid=ldapSecureUser,ou=People,dc=redat,dc=com\",
\"bindPw\":\"test126\",
\"allowEmptyPasswords\":\"true\"}}]");
+ // "[{\"flag\":\"required\",
\"code\":\"Ldap\"}]");
+ jsonMap
+ .put(
+ "policy-modules",
+ "[{\"flag\":\"requisite\",
\"code\":\"LdapExtended\",
\"module-options\":{\"policy\":\"module\",
\"policy1\":\"module1\"}}]");
+ jsonMap
+ .put("mapping-modules",
+ "[{\"code\":\"Test\",
\"type\":\"attribute\",
\"module-options\":{\"mapping\":\"module\",
\"mapping1\":\"module1\"}}]");
+ jsonMap.put("provider-modules",
+ "[{\"code\":\"Providers\",
\"module-options\":{\"provider\":\"module\",
\"provider1\":\"module1\"}}]");
+ }
+
+ @BeforeSuite
+ private void initializeConnectionDetails() {
+ con = new ASConnection(host, 9990, user, pass);
+ mapper = new ObjectMapper();
+ mapper.configure(SerializationConfig.Feature.INDENT_OUTPUT, true);
+
+ moc = new ModuleOptionsComponent();
+ }
+
+ public static void main(String[] args) {
+ SecurityModuleOptionsTest test = new SecurityModuleOptionsTest();
+ try {
+ test.initializeConnectionDetails();
+ test.testPopulateModuleOptionsAndTypes();
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ }
+
+ /**The test reads the existing property values, deserializes them and writes the same
+ * contents back out to a running instance for all known ModuleOptionTypes.
+ *
+ * @throws Exception
+ */
+ public void testPopulateModuleOptionsAndTypes() throws Exception {
+
+ //as7 node details.
+ String securityDomainId = "testDomain";
+ //TODO: spinder 6-6-12: this cannot run as a standalone itest until JIRA
https://issues.jboss.org/browse/AS7-4951
+ // is addressed as there is no way to automate setup of the information
being tested.
+ String address = "subsystem=security,security-domain=" +
securityDomainId + ",authentication=classic";
+ boolean verboseOutput = true;
+ boolean executeOperation = true;
+ for (ModuleOptionType t : ModuleOptionType.values()) {
+ String attribute = t.getAttribute();
+ if (verboseOutput) {
+ System.out.println("======= Running with ModuleOptionType:" + t
+ " attribute:" + attribute + ":");
+ }
+ if (attribute.equals("policy-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",authorization=classic";
+ } else if (attribute.equals("acl-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",acl=classic";
+ } else if (attribute.equals("mapping-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",mapping=classic";
+ } else if (attribute.equals("trust-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",identity-trust=classic";
+ } else if (attribute.equals("provider-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",audit=classic";
+ } else if (attribute.equals("login-modules")) {
+ address = "subsystem=security,security-domain=" +
securityDomainId + ",authentication=classic";
+ } else {
+ assert false : "An unknown attribute '" + attribute
+ + "' was found. Is there a new type to be supported?";
+ }
+
+ //test operation- read property always available.
+ Operation op = null;
+
+ //read the login-modules attribute
+ op = new ReadAttribute(new Address(address), attribute);
+ Result result = exerciseOperation(op, true, verboseOutput);
+ assert result.isSuccess() == true : "The operation '" + op +
"' failed to read the resource."
+ + result.getFailureDescription();
+ //extract current results
+ Object rawResult = result.getResult();
+ assert rawResult != null : "Read of attribute'" + attribute +
"' from address '" + address
+ + "' has returned no value. Are those values in the
model?";
+
+ List<Value> list2 = new ArrayList<Value>();
+ //populate the Value component complete with module Options.
+ list2 = moc.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+ if (verboseOutput) {
+ if (rawResult != null) {
+ System.out.println("Raw Result is:" + rawResult + "
and of type:" + rawResult.getClass());
+ } else {
+ System.out.println("Read of attribute'" + attribute +
"' from address '" + address
+ + "' has returned no value. Are those values in the
model?");
+ }
+ }
+ //write the login-modules attribute
+ op = new WriteAttribute(new Address(address));
+ op.addAdditionalProperty("name", attribute);//attribute to execute
on
+ op.addAdditionalProperty("value", list2);
+
+ //Now test the operation
+ result = exerciseOperation(op, executeOperation, verboseOutput);
+ assert ((result.isSuccess() == true) || (result.getOutcome() == null)) :
"The operation '" + op
+ + "' failed to write the resource.." +
result.getFailureDescription();
+
+ //read the login-modules attribute
+ op = new ReadAttribute(new Address(address), attribute);
+ result = exerciseOperation(op, true, verboseOutput);
+ assert (result.isSuccess() == true) : "The operation '" + op +
"' failed to read the resource."
+ + result.getFailureDescription();
+ }
+ if (verboseOutput) {
+ System.out.println("Successfully detected,read and wrote out attribute
values for:");
+ for (ModuleOptionType type : ModuleOptionType.values()) {
+ System.out.println("\n" + type.ordinal() + " " +
type.name());
+ }
+ }
+ }
+
+ /**Attempts to create a new Authentication node(authentication=classic) with a
+ * 'login-modules' attribute complete with 'code':'Ldap' and
'flag':'required'
+ * and some sample 'module-options' values.
+ *
+ */
+ @Test(enabled = true)
+ public void testCreateSecurityDomainChildLoginModules() {
+ boolean execute = true;
+ boolean verboseOutput = false;
+ String address =
"subsystem=security,security-domain=testDomain3,authentication=classic";
+ String attribute = ModuleOptionType.Authentication.getAttribute();
+
+ //test operation- read property always available.
+ Operation op = null;
+
+ //read the login-modules attribute
+ op = new ReadAttribute(new Address(address), attribute);
+ Result result = exerciseOperation(op, execute, verboseOutput);
+ assert result.isSuccess() == true : "The operation '" + op +
"' failed to read the resource."
+ + result.getFailureDescription();
+
+ //extract current results
+ Object rawResult = result.getResult();
+
+ //#### Have to create new content for the new node.
+ List<Value> moduleTypeValue = new ArrayList<Value>();
+ try {
+ // loading 'login-module'
+ JsonNode node = mapper.readTree(jsonMap.get(attribute));
+ result.setResult(mapper.treeToValue(node, Object.class));
+ } catch (JsonProcessingException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+
+ //populate the Value component complete with module Options.
+ moduleTypeValue =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+
+ //add the login-modules attribute
+ op = ModuleOptionsComponent
+ .createAddModuleOptionTypeOperation(new Address(address), attribute,
moduleTypeValue);
+
+ result = exerciseOperation(op, execute, verboseOutput);
+ assert ((result.isSuccess() == true) || (result.getOutcome() == null)) :
"The operation '" + op
+ + "' failed to write the resource.." +
result.getFailureDescription();
+
+ //read the login-modules attribute
+ op = new ReadAttribute(new Address(address), attribute);
+ result = exerciseOperation(op, execute, verboseOutput);
+ assert result.isSuccess() == true : "The operation '" + op +
"' failed to read the resource."
+ + result.getFailureDescription();
+
+ //exercise values retrieved from read
+ List<Value> serverResponse =
ModuleOptionsComponent.populateSecurityDomainModuleOptions(result,
+ ModuleOptionsComponent.loadModuleOptionType(attribute));
+ Value serverState = serverResponse.get(0);
+ assert serverState.getFlag().equals("required") : "Incorrect state
retrieved for 'flag'. Expected 'required'.";
+ assert serverState.getCode().equals("Ldap") : "Incorrect state
retrieved for 'code'. Expected 'Ldap'.";
+ LinkedHashMap<String, Object> options = serverState.getOptions();
+ assert options.size() == 3 : "Invalid number of module options returned.
Expected 3.";
+ int found = 0;
+ for (String key : options.keySet()) {
+ if (key.equals("bindPw")) {
+ assert "test126".equals(options.get(key)) : "Module option
value not correct for key '" + key + "'.";
+ found++;
+ } else if (key.equals("bindDn")) {
+ assert
"uid=ldapSecureUser,ou=People,dc=redat,dc=com".equals(options.get(key)) :
"Module option value not correct for key '"
+ + key + "'.";
+ found++;
+ } else if (key.equals("allowEmptyPasswords")) {
+ assert "true".equals(options.get(key)) : "Module option
value not correct for key '" + key + "'.";
+ found++;
+ }
+ }
+ assert found == 3 : "All module options were not loaded.";
+
+ //remove the original node to reset for next run.
+ op = new Remove(new Address(address));
+ result = exerciseOperation(op, execute, verboseOutput);
+ assert result.isSuccess() == true : "The operation '" + op +
"' failed to remove the resource."
+ + result.getFailureDescription();
+ }
+
+ /** For each operation
+ * - will write verbose json and operation details to system.out if verboseOutput =
true;
+ * - will execute the operation against running server if execute = true.
+ *
+ * @param op
+ * @param execute
+ * @param verboseOutput
+ * @return
+ */
+ public static Result exerciseOperation(Operation op, boolean execute, boolean
verboseOutput) {
+ //display operation as AS7 plugin will build it
+ if (verboseOutput) {
+ System.out.println("\tOperation is:" + op);
+ }
+
+ String jsonToSend = "";
+ try {
+ // jsonToSend = mapper.writeValueAsString(op);
+ jsonToSend = mapper.defaultPrettyPrintingWriter().writeValueAsString(op);
+ } catch (JsonGenerationException e) {
+ e.printStackTrace();
+ } catch (JsonMappingException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ //As generated by jackson mapper
+ if (verboseOutput) {
+ System.out.println("@@@@ OUTBOUND JSON#\n" + jsonToSend +
"#");
+ }
+
+ //Execute the operation
+ Result result = new Result();
+ if (execute) {
+ result = con.execute(op);
+ } else {
+ if (verboseOutput) {
+ System.out.println("**** NOTE: Execution disabled . NOT exercising
write-attribute operation. **** ");
+ }
+ }
+ if (verboseOutput) {
+ //result wrapper details
+ System.out.println("\tResult:" + result);
+ //detailed results
+ System.out.println("\tValue:" + result.getResult());
+
System.out.println("-----------------------------------------------------\n");
+ }
+ return result;
+ }
+}