Package org.jboss.as.controller.security

Class CredentialReference

  • public final class CredentialReference
extends Object
    Utility class holding attribute definitions for credential-reference attribute in the model. The class is unifying access to credentials defined through CredentialStore. It defines credential-reference attribute that other subsystems can use to reference external credentials of various types.
    Author:
    Peter Skopek

    • Method Detail

      • getAttributeDefinition

        public static ObjectTypeAttributeDefinition getAttributeDefinition()
        Returns a definition for a credential reference attribute. The store field in the attribute does not register any requirement for a credential store capability.
        Returns:
        credential reference attribute definition

      • getAttributeDefinition

        public static ObjectTypeAttributeDefinition getAttributeDefinition​(boolean referenceCredentialStore)
        Returns a definition for a credential reference attribute, one that optionally registers a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
        Parameters:
        referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
        Returns:
        credential reference attribute definition

      • getAttributeBuilder

        public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder​(boolean allowNull,
                                                                        boolean referenceCredentialStore)
        Gets an attribute builder for a credential-reference attribute with the standard credential-reference attribute name, a configurable setting as to whether the attribute is required, and optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
        Parameters:
        allowNull - whether the attribute is required
        referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
        Returns:
        an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

      • getAttributeBuilder

        public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder​(String name,
                                                                        String xmlName,
                                                                        boolean allowNull)
        Get an attribute builder for a credential-reference attribute with the specified characteristics. The store field in the attribute does not register any requirement for a credential store capability.
        Parameters:
        name - name of attribute
        xmlName - name of xml element
        allowNull - false if the attribute is required
        Returns:
        an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

      • getAttributeBuilder

        public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder​(String name,
                                                                        String xmlName,
                                                                        boolean allowNull,
                                                                        boolean referenceCredentialStore)
        Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
        Parameters:
        name - name of attribute
        xmlName - name of xml element
        allowNull - false if the attribute is required
        referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
        Returns:
        an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

      • credentialReferencePartAsStringIfDefined

        public static String credentialReferencePartAsStringIfDefined​(org.jboss.dmr.ModelNode credentialReferenceValue,
                                                              String name)
                                                       throws OperationFailedException
        Utility method to return part of ObjectTypeAttributeDefinition for credential reference attribute. {@see CredentialReference#getAttributeDefinition}
        Parameters:
        credentialReferenceValue - value of credential reference attribute
        name - name of part to return (supported names: STORE ALIAS TYPE CLEAR_TEXT
        Returns:
        value of part as String
        Throws:
        OperationFailedException - when something goes wrong

      • getCredentialSourceSupplier

        public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,​Exception> getCredentialSourceSupplier​(OperationContext context,
                                                                                                                                                                 ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition,
                                                                                                                                                                 org.jboss.dmr.ModelNode model,
                                                                                                                                                                 org.jboss.msc.service.ServiceBuilder<?> serviceBuilder)
                                                                                                                                                          throws OperationFailedException
        Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.
        Parameters:
        context - operation context
        credentialReferenceAttributeDefinition - credential-reference attribute definition
        model - containing the actual values
        serviceBuilder - of service which needs the credential
        Returns:
        ExceptionSupplier of CredentialSource
        Throws:
        OperationFailedException - wrapping exception when something goes wrong

      • getCredentialSourceSupplier

        public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,​Exception> getCredentialSourceSupplier​(OperationContext context,
                                                                                                                                                                 ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition,
                                                                                                                                                                 org.jboss.dmr.ModelNode model,
                                                                                                                                                                 org.jboss.msc.service.ServiceBuilder<?> serviceBuilder,
                                                                                                                                                                 String keySuffix)
                                                                                                                                                          throws OperationFailedException
        Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.
        Parameters:
        context - operation context
        credentialReferenceAttributeDefinition - credential-reference attribute definition
        model - containing the actual values
        serviceBuilder - of service which needs the credential
        keySuffix - extra path elements
        Returns:
        ExceptionSupplier of CredentialSource
        Throws:
        OperationFailedException - wrapping exception when something goes wrong

      • rollbackCredentialStoreUpdate

        public static void rollbackCredentialStoreUpdate​(AttributeDefinition credentialReferenceAD,
                                                 OperationContext context,
                                                 org.jboss.dmr.ModelNode resolvedValue)