org.jboss.as.controller.security

Class CredentialReference

java.lang.Object

org.jboss.as.controller.security.CredentialReference

public final class CredentialReference
extends Object

Utility class holding attribute definitions for credential-reference attribute in the model. The class is unifying access to credentials defined through CredentialStore. It defines credential-reference attribute that other subsystems can use to reference external credentials of various types.

Author:

Peter Skopek

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALIAS Name of a field in the complex credential reference attribute.
static String	CLEAR_TEXT Name of a field in the complex credential reference attribute.
static String	CREDENTIAL_REFERENCE Standard name of a credential reference attribute.
static String	CREDENTIAL_STORE_CAPABILITY Capability required by a credential-reference attribute if its store field is configured.
static String	CREDENTIAL_STORE_UPDATE
static String	EXISTING_ENTRY_UPDATED
static String	KEY_DELIMITER
static String	NEW_ALIAS
static String	NEW_ENTRY_ADDED
static RejectAttributeChecker	REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT
static String	STATUS
static String	STORE Name of a field in the complex credential reference attribute.
static String	TYPE Name of a field in the complex credential reference attribute.
static String	UPDATE_ROLLED_BACK

Method Summary

Modifier and Type	Method and Description
static boolean	applyCredentialReferenceUpdateToRuntime(OperationContext context, org.jboss.dmr.ModelNode operation, org.jboss.dmr.ModelNode resolvedValue, org.jboss.dmr.ModelNode currentValue, String attributeName)
static String	credentialReferencePartAsStringIfDefined(org.jboss.dmr.ModelNode credentialReferenceValue, String name) Utility method to return part of ObjectTypeAttributeDefinition for credential reference attribute.
static ObjectTypeAttributeDefinition.Builder	getAttributeBuilder(boolean allowNull, boolean referenceCredentialStore) Gets an attribute builder for a credential-reference attribute with the standard credential-reference attribute name, a configurable setting as to whether the attribute is required, and optionally configured to register a requirement for a credential store capability.
static ObjectTypeAttributeDefinition.Builder	getAttributeBuilder(String name, String xmlName, boolean allowNull) Get an attribute builder for a credential-reference attribute with the specified characteristics.
static ObjectTypeAttributeDefinition.Builder	getAttributeBuilder(String name, String xmlName, boolean allowNull, boolean referenceCredentialStore) Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to register a requirement for a credential store capability.
static ObjectTypeAttributeDefinition.Builder	getAttributeBuilder(String name, String xmlName, boolean allowNull, CapabilityReferenceRecorder capabilityStoreReferenceRecorder) Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to AbstractAttributeDefinitionBuilder.setCapabilityReference(CapabilityReferenceRecorder) register a requirement} for a credential store capability.
static ObjectTypeAttributeDefinition	getAttributeDefinition() Returns a definition for a credential reference attribute.
static ObjectTypeAttributeDefinition	getAttributeDefinition(boolean referenceCredentialStore) Returns a definition for a credential reference attribute, one that optionally registers a requirement for a credential store capability.
static org.wildfly.security.credential.source.CredentialSource	getCredentialSource(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model)
static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception>	getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder) Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it.
static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception>	getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder, String keySuffix) Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it.
static void	handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode model)
static void	handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode credentialReference, String credentialReferenceAttributeName)
static void	rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, org.jboss.dmr.ModelNode resolvedValue)
static void	rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, Resource resource)
static void	rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, String store, String alias)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CREDENTIAL_STORE_CAPABILITY

public static final String CREDENTIAL_STORE_CAPABILITY

Capability required by a credential-reference attribute if its store field is configured.

See Also:

Constant Field Values

CREDENTIAL_REFERENCE

public static final String CREDENTIAL_REFERENCE

Standard name of a credential reference attribute.

See Also:

Constant Field Values

STORE

public static final String STORE

Name of a field in the complex credential reference attribute.

See Also:

Constant Field Values

ALIAS

public static final String ALIAS

Name of a field in the complex credential reference attribute.

See Also:

Constant Field Values

TYPE

public static final String TYPE

Name of a field in the complex credential reference attribute.

See Also:

Constant Field Values

CLEAR_TEXT

public static final String CLEAR_TEXT

Name of a field in the complex credential reference attribute.

See Also:

Constant Field Values

CREDENTIAL_STORE_UPDATE

public static final String CREDENTIAL_STORE_UPDATE

See Also:

Constant Field Values

STATUS

public static final String STATUS

See Also:

Constant Field Values

NEW_ENTRY_ADDED

public static final String NEW_ENTRY_ADDED

See Also:

Constant Field Values

EXISTING_ENTRY_UPDATED

public static final String EXISTING_ENTRY_UPDATED

See Also:

Constant Field Values

NEW_ALIAS

public static final String NEW_ALIAS

See Also:

Constant Field Values

UPDATE_ROLLED_BACK

public static final String UPDATE_ROLLED_BACK

See Also:

Constant Field Values

KEY_DELIMITER

public static final String KEY_DELIMITER

See Also:

Constant Field Values

REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT

public static final RejectAttributeChecker REJECT_CREDENTIAL_REFERENCE_WITH_BOTH_STORE_AND_CLEAR_TEXT

Method Detail

getAttributeDefinition

public static ObjectTypeAttributeDefinition getAttributeDefinition()

Returns a definition for a credential reference attribute. The store field in the attribute does not register any requirement for a credential store capability.

Returns:

credential reference attribute definition

getAttributeDefinition

public static ObjectTypeAttributeDefinition getAttributeDefinition(boolean referenceCredentialStore)

Returns a definition for a credential reference attribute, one that optionally registers a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.

Parameters:

referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.

Returns:

credential reference attribute definition

getAttributeBuilder

public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(boolean allowNull,
                                                                        boolean referenceCredentialStore)

Gets an attribute builder for a credential-reference attribute with the standard credential-reference attribute name, a configurable setting as to whether the attribute is required, and optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.

Parameters:

allowNull - whether the attribute is required

referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.

Returns:

an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

getAttributeBuilder

public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name,
                                                                        String xmlName,
                                                                        boolean allowNull)

Get an attribute builder for a credential-reference attribute with the specified characteristics. The store field in the attribute does not register any requirement for a credential store capability.

Parameters:

name - name of attribute

xmlName - name of xml element

allowNull - false if the attribute is required

Returns:

an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

getAttributeBuilder

public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name,
                                                                        String xmlName,
                                                                        boolean allowNull,
                                                                        boolean referenceCredentialStore)

Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.

Parameters:

name - name of attribute

xmlName - name of xml element

allowNull - false if the attribute is required

referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.

Returns:

an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

getAttributeBuilder

public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name,
                                                                        String xmlName,
                                                                        boolean allowNull,
                                                                        CapabilityReferenceRecorder capabilityStoreReferenceRecorder)

Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to AbstractAttributeDefinitionBuilder.setCapabilityReference(CapabilityReferenceRecorder) register a requirement} for a credential store capability.

Parameters:

name - name of attribute

xmlName - name of xml element

allowNull - false if the attribute is required

capabilityStoreReferenceRecorder - a capability reference recorder that can record a requirement for the credential store referenced by the store field of the returned attribute definition. Can be null, in which case no requirement would be recorded. If not null the recorder's base requirement name must equal CREDENTIAL_STORE_CAPABILITY

Returns:

an ObjectTypeAttributeDefinition.Builder which can be used to build attribute definition

credentialReferencePartAsStringIfDefined

public static String credentialReferencePartAsStringIfDefined(org.jboss.dmr.ModelNode credentialReferenceValue,
                                                              String name)
                                                       throws OperationFailedException

Utility method to return part of ObjectTypeAttributeDefinition for credential reference attribute. getAttributeDefinition()

Parameters:

credentialReferenceValue - value of credential reference attribute

name - name of part to return (supported names: STORE ALIAS TYPE CLEAR_TEXT

Returns:

value of part as String

Throws:

OperationFailedException - when something goes wrong

getCredentialSourceSupplier

public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context,
                                                                                                                                                           ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition,
                                                                                                                                                           org.jboss.dmr.ModelNode model,
                                                                                                                                                           org.jboss.msc.service.ServiceBuilder<?> serviceBuilder)
                                                                                                                                                    throws OperationFailedException

Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.

Parameters:

context - operation context

credentialReferenceAttributeDefinition - credential-reference attribute definition

model - containing the actual values

serviceBuilder - of service which needs the credential

Returns:

ExceptionSupplier of CredentialSource

Throws:

OperationFailedException - wrapping exception when something goes wrong

getCredentialSourceSupplier

public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context,
                                                                                                                                                           ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition,
                                                                                                                                                           org.jboss.dmr.ModelNode model,
                                                                                                                                                           org.jboss.msc.service.ServiceBuilder<?> serviceBuilder,
                                                                                                                                                           String keySuffix)
                                                                                                                                                    throws OperationFailedException

Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.

Parameters:

context - operation context

credentialReferenceAttributeDefinition - credential-reference attribute definition

model - containing the actual values

serviceBuilder - of service which needs the credential

keySuffix - extra path elements

Returns:

ExceptionSupplier of CredentialSource

Throws:

OperationFailedException - wrapping exception when something goes wrong

getCredentialSource

public static org.wildfly.security.credential.source.CredentialSource getCredentialSource(OperationContext context,
                                                                                          ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition,
                                                                                          org.jboss.dmr.ModelNode model)
                                                                                   throws OperationFailedException

Throws:

OperationFailedException

handleCredentialReferenceUpdate

public static void handleCredentialReferenceUpdate(OperationContext context,
                                                   org.jboss.dmr.ModelNode model)
                                            throws OperationFailedException

Throws:

OperationFailedException

rollbackCredentialStoreUpdate

public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD,
                                                 OperationContext context,
                                                 Resource resource)

rollbackCredentialStoreUpdate

public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD,
                                                 OperationContext context,
                                                 org.jboss.dmr.ModelNode resolvedValue)

rollbackCredentialStoreUpdate

public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD,
                                                 OperationContext context,
                                                 String store,
                                                 String alias)

handleCredentialReferenceUpdate

public static void handleCredentialReferenceUpdate(OperationContext context,
                                                   org.jboss.dmr.ModelNode credentialReference,
                                                   String credentialReferenceAttributeName)
                                            throws OperationFailedException

Throws:

OperationFailedException

applyCredentialReferenceUpdateToRuntime

public static boolean applyCredentialReferenceUpdateToRuntime(OperationContext context,
                                                              org.jboss.dmr.ModelNode operation,
                                                              org.jboss.dmr.ModelNode resolvedValue,
                                                              org.jboss.dmr.ModelNode currentValue,
                                                              String attributeName)
                                                       throws OperationFailedException

Throws:

OperationFailedException