Package org.jboss.as.controller.security

Class CredentialReference

java.lang.Object
org.jboss.as.controller.security.CredentialReference
public final class CredentialReference extends Object
Utility class holding attribute definitions for credential-reference attribute in the model. The class is unifying access to credentials defined through CredentialStore. It defines credential-reference attribute that other subsystems can use to reference external credentials of various types.
Author:
Peter Skopek

  • Field Details

  • Method Details

    • getAttributeDefinition

      public static ObjectTypeAttributeDefinition getAttributeDefinition()
      Returns a definition for a credential reference attribute. The store field in the attribute does not register any requirement for a credential store capability.
      Returns:
      credential reference attribute definition

    • getAttributeDefinition

      public static ObjectTypeAttributeDefinition getAttributeDefinition(boolean referenceCredentialStore)
      Returns a definition for a credential reference attribute, one that optionally registers a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
      Parameters:
      referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
      Returns:
      credential reference attribute definition

    • getAttributeBuilder

      public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(boolean allowNull, boolean referenceCredentialStore)
      Gets an attribute builder for a credential-reference attribute with the standard credential-reference attribute name, a configurable setting as to whether the attribute is required, and optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
      Parameters:
      allowNull - whether the attribute is required
      referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
      Returns:
      an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

    • getAttributeBuilder

      public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull)
      Get an attribute builder for a credential-reference attribute with the specified characteristics. The store field in the attribute does not register any requirement for a credential store capability.
      Parameters:
      name - name of attribute
      xmlName - name of xml element
      allowNull - false if the attribute is required
      Returns:
      an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

    • getAttributeBuilder

      public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull, boolean referenceCredentialStore)
      Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to register a requirement for a credential store capability. If a requirement is registered, the dependent capability will be the single capability registered by the resource that uses this attribute definition. The resource must expose one and only one capability in order to use this facility.
      Parameters:
      name - name of attribute
      xmlName - name of xml element
      allowNull - false if the attribute is required
      referenceCredentialStore - true if the store field in the attribute should register a requirement for a credential store capability.
      Returns:
      an ObjectTypeAttributeDefinition.Builder which can be used to build an attribute definition

    • getAttributeBuilder

      public static ObjectTypeAttributeDefinition.Builder getAttributeBuilder(String name, String xmlName, boolean allowNull, CapabilityReferenceRecorder capabilityStoreReferenceRecorder)
      Get an attribute builder for a credential-reference attribute with the specified characteristics, optionally configured to AbstractAttributeDefinitionBuilder.setCapabilityReference(CapabilityReferenceRecorder) register a requirement} for a credential store capability.
      Parameters:
      name - name of attribute
      xmlName - name of xml element
      allowNull - false if the attribute is required
      capabilityStoreReferenceRecorder - a capability reference recorder that can record a requirement for the credential store referenced by the store field of the returned attribute definition. Can be null, in which case no requirement would be recorded. If not null the recorder's base requirement name must equal CREDENTIAL_STORE_CAPABILITY
      Returns:
      an ObjectTypeAttributeDefinition.Builder which can be used to build attribute definition

    • credentialReferencePartAsStringIfDefined

      public static String credentialReferencePartAsStringIfDefined(org.jboss.dmr.ModelNode credentialReferenceValue, String name) throws OperationFailedException
      Utility method to return part of ObjectTypeAttributeDefinition for credential reference attribute.
      Parameters:
      credentialReferenceValue - value of credential reference attribute
      name - name of part to return (supported names: STORE ALIAS TYPE CLEAR_TEXT
      Returns:
      value of part as String
      Throws:
      OperationFailedException - when something goes wrong

    • getCredentialSourceDependency

      public static ServiceDependency<org.wildfly.security.credential.source.CredentialSource> getCredentialSourceDependency(OperationContext context, AttributeDefinition attribute, org.jboss.dmr.ModelNode model) throws OperationFailedException
      Returns a service dependency on a CredentialSource used to obtain a credential referenced by the specified attribute.
      Parameters:
      context - operation context
      attribute - an attribute that references a credential
      model - a resource model
      Returns:
      a CredentialSource service dependency
      Throws:
      OperationFailedException - if the attribute could not be resolved

    • getCredentialSourceDependency

      public static ServiceDependency<org.wildfly.security.credential.source.CredentialSource> getCredentialSourceDependency(OperationContext context, AttributeDefinition attribute, org.jboss.dmr.ModelNode model, String keySuffix) throws OperationFailedException
      Returns a service dependency on a CredentialSource used to obtain a credential referenced by the specified attribute.
      Parameters:
      context - operation context
      attribute - an attribute that references a credential
      model - a resource model
      keySuffix - extra path elements
      Returns:
      a CredentialSource service dependency
      Throws:
      OperationFailedException - if the attribute could not be resolved

    • getCredentialSourceSupplier

      public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder) throws OperationFailedException
      Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.
      Parameters:
      context - operation context
      credentialReferenceAttributeDefinition - credential-reference attribute definition
      model - containing the actual values
      serviceBuilder - of service which needs the credential
      Returns:
      ExceptionSupplier of CredentialSource
      Throws:
      OperationFailedException - wrapping exception when something goes wrong

    • getCredentialSourceSupplier

      public static org.wildfly.common.function.ExceptionSupplier<org.wildfly.security.credential.source.CredentialSource,Exception> getCredentialSourceSupplier(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model, org.jboss.msc.service.ServiceBuilder<?> serviceBuilder, String keySuffix) throws OperationFailedException
      Get the ExceptionSupplier of CredentialSource which might throw an Exception while getting it. CredentialSource is used later to retrieve the credential requested by configuration.
      Parameters:
      context - operation context
      credentialReferenceAttributeDefinition - credential-reference attribute definition
      model - containing the actual values
      serviceBuilder - of service which needs the credential
      keySuffix - extra path elements
      Returns:
      ExceptionSupplier of CredentialSource
      Throws:
      OperationFailedException - wrapping exception when something goes wrong

    • getCredentialSource

      public static org.wildfly.security.credential.source.CredentialSource getCredentialSource(OperationContext context, ObjectTypeAttributeDefinition credentialReferenceAttributeDefinition, org.jboss.dmr.ModelNode model) throws OperationFailedException
      Throws:
      OperationFailedException

    • handleCredentialReferenceUpdate

      public static void handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode model) throws OperationFailedException
      Throws:
      OperationFailedException

    • rollbackCredentialStoreUpdate

      public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, Resource resource)

    • rollbackCredentialStoreUpdate

      public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, org.jboss.dmr.ModelNode resolvedValue)

    • rollbackCredentialStoreUpdate

      public static void rollbackCredentialStoreUpdate(AttributeDefinition credentialReferenceAD, OperationContext context, String store, String alias)

    • handleCredentialReferenceUpdate

      public static void handleCredentialReferenceUpdate(OperationContext context, org.jboss.dmr.ModelNode credentialReference, String credentialReferenceAttributeName) throws OperationFailedException
      Throws:
      OperationFailedException

    • applyCredentialReferenceUpdateToRuntime

      public static boolean applyCredentialReferenceUpdateToRuntime(OperationContext context, org.jboss.dmr.ModelNode operation, org.jboss.dmr.ModelNode resolvedValue, org.jboss.dmr.ModelNode currentValue, String attributeName) throws OperationFailedException
      Throws:
      OperationFailedException