Package org.jboss.as.controller.security
Class CredentialReference
- java.lang.Object
-
- org.jboss.as.controller.security.CredentialReference
-
public final class CredentialReference extends Object
Utility class holding attribute definitions for credential-reference attribute in the model. The class is unifying access to credentials defined throughCredentialStore
. It defines credential-reference attribute that other subsystems can use to reference external credentials of various types.- Author:
- Peter Skopek
-
-
Field Summary
Fields Modifier and Type Field Description static String
ALIAS
Name of a field in the complex credential reference attribute.static String
CLEAR_TEXT
Name of a field in the complex credential reference attribute.static String
CREDENTIAL_REFERENCE
Standard name of a credential reference attribute.static String
CREDENTIAL_STORE_CAPABILITY
Capability required by a credential-reference attribute if itsstore
field is configured.static String
CREDENTIAL_STORE_UPDATE
static String
EXISTING_ENTRY_UPDATED
static String
KEY_DELIMITER
static String
NEW_ALIAS
static String
NEW_ENTRY_ADDED
static RejectAttributeChecker
REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT
static String
STATUS
static String
STORE
Name of a field in the complex credential reference attribute.static String
TYPE
Name of a field in the complex credential reference attribute.static String
UPDATE_ROLLED_BACK
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static boolean
applyCredentialReferenceUpdateToRuntime(OperationContext context, org.jboss.dmr.ModelNode operation, org.jboss.dmr.ModelNode resolvedValue, org.jboss.dmr.ModelNode currentValue, String attributeName)
static String
credentialReferencePartAsStringIfDefined(org.jboss.dmr.ModelNode credentialReferenceValue, String name)
Utility method to return part ofObjectTypeAttributeDefinition
for credential reference attribute.static ObjectTypeAttributeDefinition.Builder
getAttributeBuilder(boolean allowNull, boolean referenceCredentialStore)
Gets an attribute builder for a credential-reference attribute with the standardcredential-reference
attribute name, a configurable setting as to whether the attribute is required, and optionally configured toregister a requirement
for acredential store capability
.static ObjectTypeAttributeDefinition.Builder
getAttributeBuilder(String name, String xmlName, boolean allowNull)
Get an attribute builder for a credential-reference attribute with the specified characteristics.static ObjectTypeAttributeDefinition.Builder
getAttributeBuilder(String name, String xmlName, boolean allowNull, boolean referenceCredentialStore)
Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured toregister a requirement
for acredential store capability
.static ObjectTypeAttributeDefinition.Builder
getAttributeBuilder(String name, String xmlName, boolean allowNull, CapabilityReferenceRecorder capabilityStoreReferenceRecorder)
Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured toAbstractAttributeDefinitionBuilder.setCapabilityReference(CapabilityReferenceRecorder)
register a requirement} for acredential store capability
.static ObjectTypeAttributeDefinition
getAttributeDefinition()
Returns a definition for a credential reference attribute.static ObjectTypeAttributeDefinition
getAttributeDefinition(boolean referenceCredentialStore)
Returns a definition for a credential reference attribute, one that optionallyregisters a requirement
for acredential store capability
.static org.wildfly.security.credential.source.CredentialSource
getCredentialSource(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model)
static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception>
getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder)
Get the ExceptionSupplier ofCredentialSource
which might throw an Exception while getting it.static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception>
getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder, String keySuffix)
Get the ExceptionSupplier ofCredentialSource
which might throw an Exception while getting it.static void
handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode model)
static void
handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode credentialReference, String credentialReferenceAttributeName)
static void
rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, String store, String alias)
static void
rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, Resource resource)
static void
rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, org.jboss.dmr.ModelNode resolvedValue)
-
-
-
Field Detail
-
CREDENTIAL_STORE_CAPABILITY
public static final String CREDENTIAL_STORE_CAPABILITY
Capability required by a credential-reference attribute if itsstore
field is configured.- See Also:
- Constant Field Values
-
CREDENTIAL_REFERENCE
public static final String CREDENTIAL_REFERENCE
Standard name of a credential reference attribute.- See Also:
- Constant Field Values
-
STORE
public static final String STORE
Name of a field in the complex credential reference attribute.- See Also:
- Constant Field Values
-
ALIAS
public static final String ALIAS
Name of a field in the complex credential reference attribute.- See Also:
- Constant Field Values
-
TYPE
public static final String TYPE
Name of a field in the complex credential reference attribute.- See Also:
- Constant Field Values
-
CLEAR_TEXT
public static final String CLEAR_TEXT
Name of a field in the complex credential reference attribute.- See Also:
- Constant Field Values
-
CREDENTIAL_STORE_UPDATE
public static final String CREDENTIAL_STORE_UPDATE
- See Also:
- Constant Field Values
-
STATUS
public static final String STATUS
- See Also:
- Constant Field Values
-
NEW_ENTRY_ADDED
public static final String NEW_ENTRY_ADDED
- See Also:
- Constant Field Values
-
EXISTING_ENTRY_UPDATED
public static final String EXISTING_ENTRY_UPDATED
- See Also:
- Constant Field Values
-
NEW_ALIAS
public static final String NEW_ALIAS
- See Also:
- Constant Field Values
-
UPDATE_ROLLED_BACK
public static final String UPDATE_ROLLED_BACK
- See Also:
- Constant Field Values
-
KEY_DELIMITER
public static final String KEY_DELIMITER
- See Also:
- Constant Field Values
-
REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT
public static final RejectAttributeChecker REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT
-
-
Method Detail
-
getAttributeDefinition
public static ObjectTypeAttributeDefinition getAttributeDefinition()
Returns a definition for a credential reference attribute. Thestore
field in the attribute does not register any requirement for a credential store capability.- Returns:
- credential reference attribute definition
-
getAttributeDefinition
public static ObjectTypeAttributeDefinition getAttributeDefinition(boolean referenceCredentialStore)
Returns a definition for a credential reference attribute, one that optionallyregisters a requirement
for acredential store capability
. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.- Parameters:
referenceCredentialStore
-true
if thestore
field in the attribute should register a requirement for a credential store capability.- Returns:
- credential reference attribute definition
-
getAttributeBuilder
public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(boolean allowNull, boolean referenceCredentialStore)
Gets an attribute builder for a credential-reference attribute with the standardcredential-reference
attribute name, a configurable setting as to whether the attribute is required, and optionally configured toregister a requirement
for acredential store capability
. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.- Parameters:
allowNull
- whether the attribute is requiredreferenceCredentialStore
-true
if thestore
field in the attribute should register a requirement for a credential store capability.- Returns:
- an
ObjectTypeAttributeDefinition.Builder
which can be used to build an attribute definition
-
getAttributeBuilder
public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull)
Get an attribute builder for a credential-reference attribute with the specified characteristics. Thestore
field in the attribute does not register any requirement for a credential store capability.- Parameters:
name
- name of attributexmlName
- name of xml elementallowNull
-false
if the attribute is required- Returns:
- an
ObjectTypeAttributeDefinition.Builder
which can be used to build an attribute definition
-
getAttributeBuilder
public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull, boolean referenceCredentialStore)
Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured toregister a requirement
for acredential store capability
. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.- Parameters:
name
- name of attributexmlName
- name of xml elementallowNull
-false
if the attribute is requiredreferenceCredentialStore
-true
if thestore
field in the attribute should register a requirement for a credential store capability.- Returns:
- an
ObjectTypeAttributeDefinition.Builder
which can be used to build an attribute definition
-
getAttributeBuilder
public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull, CapabilityReferenceRecorder capabilityStoreReferenceRecorder)
Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured toAbstractAttributeDefinitionBuilder.setCapabilityReference(CapabilityReferenceRecorder)
register a requirement} for acredential store capability
.- Parameters:
name
- name of attributexmlName
- name of xml elementallowNull
-false
if the attribute is requiredcapabilityStoreReferenceRecorder
- a capability reference recorder that can record a requirement for the credential store referenced by thestore
field of the returned attribute definition. Can benull
, in which case no requirement would be recorded. If notnull
the recorder'sbase requirement name
must equalCREDENTIAL_STORE_CAPABILITY
- Returns:
- an
ObjectTypeAttributeDefinition.Builder
which can be used to build attribute definition
-
credentialReferencePartAsStringIfDefined
public static String credentialReferencePartAsStringIfDefined(org.jboss.dmr.ModelNode credentialReferenceValue, String name) throws OperationFailedException
Utility method to return part ofObjectTypeAttributeDefinition
for credential reference attribute. {@see CredentialReference#getAttributeDefinition}- Parameters:
credentialReferenceValue
- value of credential reference attributename
- name of part to return (supported names:STORE
ALIAS
TYPE
CLEAR_TEXT
- Returns:
- value of part as
String
- Throws:
OperationFailedException
- when something goes wrong
-
getCredentialSourceSupplier
public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder) throws OperationFailedException
Get the ExceptionSupplier ofCredentialSource
which might throw an Exception while getting it.CredentialSource
is used later to retrieve the credential requested by configuration.- Parameters:
context
- operation contextcredentialReferenceAttributeDefinition
- credential-reference attribute definitionmodel
- containing the actual valuesserviceBuilder
- of service which needs the credential- Returns:
- ExceptionSupplier of CredentialSource
- Throws:
OperationFailedException
- wrapping exception when something goes wrong
-
getCredentialSourceSupplier
public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder, String keySuffix) throws OperationFailedException
Get the ExceptionSupplier ofCredentialSource
which might throw an Exception while getting it.CredentialSource
is used later to retrieve the credential requested by configuration.- Parameters:
context
- operation contextcredentialReferenceAttributeDefinition
- credential-reference attribute definitionmodel
- containing the actual valuesserviceBuilder
- of service which needs the credentialkeySuffix
- extra path elements- Returns:
- ExceptionSupplier of CredentialSource
- Throws:
OperationFailedException
- wrapping exception when something goes wrong
-
getCredentialSource
public static org.wildfly.security.credential.source.CredentialSource getCredentialSource(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model) throws OperationFailedException
- Throws:
OperationFailedException
-
handleCredentialReferenceUpdate
public static void handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode model) throws OperationFailedException
- Throws:
OperationFailedException
-
rollbackCredentialStoreUpdate
public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, Resource resource)
-
rollbackCredentialStoreUpdate
public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, org.jboss.dmr.ModelNode resolvedValue)
-
rollbackCredentialStoreUpdate
public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, String store, String alias)
-
handleCredentialReferenceUpdate
public static void handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode credentialReference, String credentialReferenceAttributeName) throws OperationFailedException
- Throws:
OperationFailedException
-
applyCredentialReferenceUpdateToRuntime
public static boolean applyCredentialReferenceUpdateToRuntime(OperationContext context, org.jboss.dmr.ModelNode operation, org.jboss.dmr.ModelNode resolvedValue, org.jboss.dmr.ModelNode currentValue, String attributeName) throws OperationFailedException
- Throws:
OperationFailedException
-
-