

Merge pull request wildfly-extras#97 from OndrejKotek/elytron
Adding new (ER1) attributes to Elytron server-ssl-context
OndrejKotek authored Jun 19, 2017
2 parents 8446512 + eecd0fd commit b1baf39
Showing 4 changed files with 71 additions and 23 deletions.
Expand Up @@ -2,7 +2,6 @@

import java.util.Arrays;
import java.util.List;

import org.wildfly.extras.creaper.core.offline.OfflineCommand;
import org.wildfly.extras.creaper.core.online.OnlineCommand;

Expand All @@ -11,8 +10,6 @@ abstract class AbstractAddSSLContext implements OnlineCommand, OfflineCommand {
protected final String name;
protected final String cipherSuiteFilter;
protected final List<String> protocols;
protected final Integer maximumSessionCacheSize;
protected final Integer sessionTimeout;
protected final String keyManager;
protected final String trustManager;
protected final String providers;
Expand All @@ -23,8 +20,6 @@ protected AbstractAddSSLContext(Builder builder) {
this.name = builder.name;
this.cipherSuiteFilter = builder.cipherSuiteFilter;
this.protocols = builder.protocols;
this.maximumSessionCacheSize = builder.maximumSessionCacheSize;
this.sessionTimeout = builder.sessionTimeout;
this.keyManager = builder.keyManager;
this.trustManager = builder.trustManager;
this.providers = builder.providers;
Expand All @@ -37,8 +32,6 @@ abstract static class Builder<THIS extends Builder> {
protected final String name;
protected String cipherSuiteFilter;
protected List<String> protocols;
protected Integer maximumSessionCacheSize;
protected Integer sessionTimeout;
protected String keyManager;
protected String trustManager;
private boolean replaceExisting;
Expand Down Expand Up @@ -67,16 +60,6 @@ public final THIS cipherSuiteFilter(String cipherSuiteFilter) {
return (THIS) this;
}

public final THIS maximumSessionCacheSize(Integer maximumSessionCacheSize) {
this.maximumSessionCacheSize = maximumSessionCacheSize;
return (THIS) this;
}

public final THIS sessionTimeout(Integer sessionTimeout) {
this.sessionTimeout = sessionTimeout;
return (THIS) this;
}

public final THIS keyManager(String keyManager) {
this.keyManager = keyManager;
return (THIS) this;
Expand Up @@ -14,15 +14,26 @@ public final class AddServerSSLContext extends AbstractAddSSLContext {
private final Boolean authenticationOptional;
private final Boolean needClientAuth;
private final Boolean wantClientAuth;
private final Integer maximumSessionCacheSize;
private final Integer sessionTimeout;
private final String securityDomain;
private final String realmMapper;
private final String preRealmPrincipalTransformer;
private final String postRealmPrincipalTransformer;
private final String finalPrincipalTransformer;

private AddServerSSLContext(Builder builder) {
super(builder);
this.authenticationOptional = builder.authenticationOptional;
this.needClientAuth = builder.needClientAuth;
this.wantClientAuth = builder.wantClientAuth;
this.maximumSessionCacheSize = builder.maximumSessionCacheSize;
this.sessionTimeout = builder.sessionTimeout;
this.securityDomain = builder.securityDomain;

this.realmMapper = builder.realmMapper;
this.preRealmPrincipalTransformer = builder.preRealmPrincipalTransformer;
this.postRealmPrincipalTransformer = builder.postRealmPrincipalTransformer;
this.finalPrincipalTransformer = builder.finalPrincipalTransformer;
}

@Override
Expand All @@ -45,6 +56,10 @@ public void apply(OnlineCommandContext ctx) throws Exception {
.andOptional("need-client-auth", needClientAuth)
.andOptional("want-client-auth", wantClientAuth)
.andOptional("security-domain", securityDomain)
.andOptional("realm-mapper", realmMapper)
.andOptional("pre-realm-principal-transforemer", preRealmPrincipalTransformer)
.andOptional("post-realm-principal-transforemer", postRealmPrincipalTransformer)
.andOptional("final-principal-transforemer", finalPrincipalTransformer)
.andOptional("providers", providers)
.andOptional("provider-name", providerName));
}
Expand All @@ -64,6 +79,10 @@ public void apply(OfflineCommandContext ctx) throws Exception {
.parameter("atrNeedClientAuth", needClientAuth)
.parameter("atrWantClientAuth", wantClientAuth)
.parameter("atrSecurityDomain", securityDomain)
.parameter("atrRealmMapper", realmMapper)
.parameter("atrPreRealmPrincipalTransforemer", preRealmPrincipalTransformer)
.parameter("atrPostRealmPrincipalTransforemer", postRealmPrincipalTransformer)
.parameter("atrFinalPrincipalTransforemer", finalPrincipalTransformer)
.parameter("atrProviders", providers)
.parameter("atrProviderName", providerName)
.parameter("atrReplaceExisting", replaceExisting)
Expand All @@ -75,7 +94,13 @@ public static final class Builder extends AbstractAddSSLContext.Builder<Builder>
private Boolean authenticationOptional;
private Boolean needClientAuth;
private Boolean wantClientAuth;
private Integer maximumSessionCacheSize;
private Integer sessionTimeout;
private String securityDomain;
private String realmMapper;
private String preRealmPrincipalTransformer;
private String postRealmPrincipalTransformer;
private String finalPrincipalTransformer;

public Builder(String name) {
super(name);
Expand All @@ -96,11 +121,41 @@ public Builder wantClientAuth(Boolean wantClientAuth) {
return this;
}

public Builder maximumSessionCacheSize(Integer maximumSessionCacheSize) {
this.maximumSessionCacheSize = maximumSessionCacheSize;
return this;
}

public Builder sessionTimeout(Integer sessionTimeout) {
this.sessionTimeout = sessionTimeout;
return this;
}

public Builder securityDomain(String securityDomain) {
this.securityDomain = securityDomain;
return this;
}

public Builder realmMapper(String realmMapper) {
this.realmMapper = realmMapper;
return this;
}

public Builder preRealmPrincipalTransformer(String preRealmPrincipalTransformer) {
this.preRealmPrincipalTransformer = preRealmPrincipalTransformer;
return this;
}

public Builder postRealmPrincipalTransformer(String postRealmPrincipalTransformer) {
this.postRealmPrincipalTransformer = postRealmPrincipalTransformer;
return this;
}

public Builder finalPrincipalTransformer(String finalPrincipalTransformer) {
this.finalPrincipalTransformer = finalPrincipalTransformer;
return this;
}

@Override
public AddServerSSLContext build() {
if (keyManager == null || keyManager.isEmpty()) {
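Review bot: The attribute-name strings added in both `apply` methods are misspelled: `"pre-realm-principal-transforemer"`, `"post-realm-principal-transforemer"` and `"final-principal-transforemer"` (and the matching `atr…PrincipalTransforemer` parameters) carry an extra `e`, while the Java fields and builder methods are spelled `Transformer`. Elytron names these server-ssl-context attributes `pre-realm-principal-transformer`, `post-realm-principal-transformer` and `final-principal-transformer`, so the online operation would most likely be rejected for unknown attributes and the offline path would write XML that the subsystem parser does not accept. The same spelling is repeated in the Groovy script section and in the expected XML of AddServerSSLContextOfflineTest, so the offline test passes without catching it, and no online test is among the four changed files. I would correct each string, e.g. `.andOptional("pre-realm-principal-transformer", preRealmPrincipalTransformer)`, fix the script keys and the test fixture to match, and add an online test, since these attributes decide how a client-certificate principal is mapped to an identity. Both `apply` bodies start outside the visible hunks.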
Expand Up @@ -9,6 +9,10 @@ if (atrAuthenticationOptional != null) sslContextAttrs['authentication-optional'
if (atrNeedClientAuth != null) sslContextAttrs['need-client-auth'] = atrNeedClientAuth
if (atrWantClientAuth != null) sslContextAttrs['want-client-auth'] = atrWantClientAuth
if (atrSecurityDomain != null) sslContextAttrs['security-domain'] = atrSecurityDomain
if (atrRealmMapper != null) sslContextAttrs['realm-mapper'] = atrRealmMapper
if (atrPreRealmPrincipalTransforemer != null) sslContextAttrs['pre-realm-principal-transforemer'] = atrPreRealmPrincipalTransforemer
if (atrPostRealmPrincipalTransforemer != null) sslContextAttrs['post-realm-principal-transforemer'] = atrPostRealmPrincipalTransforemer
if (atrFinalPrincipalTransforemer != null) sslContextAttrs['final-principal-transforemer'] = atrFinalPrincipalTransforemer
if (atrProviders != null) sslContextAttrs['providers'] = atrProviders
if (atrProviderName != null) sslContextAttrs['provider-name'] = atrProviderName

Expand Up @@ -3,8 +3,9 @@
import static org.junit.Assert.fail;
import static org.wildfly.extras.creaper.XmlAssert.assertXmlIdentical;

import com.google.common.base.Charsets;
import com.google.common.io.Files;
import java.io.File;

import org.custommonkey.xmlunit.XMLUnit;
import org.junit.Before;
import org.junit.Rule;
Expand All @@ -15,9 +16,6 @@
import org.wildfly.extras.creaper.core.offline.OfflineManagementClient;
import org.wildfly.extras.creaper.core.offline.OfflineOptions;

import com.google.common.base.Charsets;
import com.google.common.io.Files;

public class AddServerSSLContextOfflineTest {

private static final String SUBSYSTEM_EMPTY = ""
Expand Down Expand Up @@ -101,7 +99,11 @@ public class AddServerSSLContextOfflineTest {
+ " key-manager=\"keyManager\" trust-manager=\"trustManager\" "
+ " protocols=\"TLSv1.2 TLSv1.1\" authentication-optional=\"true\" "
+ " need-client-auth=\"false\" want-client-auth=\"true\" "
+ " security-domain=\"securityDomain\" provider-name=\"ksProvider\" providers=\"ksProviderLoader\"/>\n"
+ " security-domain=\"securityDomain\" realm-mapper=\"realmMapper\" "
+ " pre-realm-principal-transforemer=\"preRealmPrincipalTransformer\" "
+ " post-realm-principal-transforemer=\"postRealmPrincipalTransformer\" "
+ " final-principal-transforemer=\"finalPrincipalTransformer\" "
+ " provider-name=\"ksProvider\" providers=\"ksProviderLoader\"/>\n"
+ " </server-ssl-contexts>\n"
+ " </tls>\n"
+ " </subsystem>\n"
Expand Down Expand Up @@ -259,6 +261,10 @@ public void addFullToEmpty() throws Exception {
.needClientAuth(false)
.wantClientAuth(true)
.securityDomain("securityDomain")
.realmMapper("realmMapper")
.preRealmPrincipalTransformer("preRealmPrincipalTransformer")
.postRealmPrincipalTransformer("postRealmPrincipalTransformer")
.finalPrincipalTransformer("finalPrincipalTransformer")
.providerName("ksProvider")
.providers("ksProviderLoader")
.build();
