Examples of org.jboss.as.domain.management.SecurityRealm

• org.jboss.as.domain.management.SecurityRealm
  Interface to the security realm. @author Darran Lofthouse

            // Gather the required information to connect to the remote DC
            final ProtocolChannelClient.Configuration configuration = new ProtocolChannelClient.Configuration();
            configuration.setUri(new URI("remote://" + NetworkUtils.formatPossibleIpv6Address(localHostInfo.getRemoteDomainControllerHost()) + ":" + localHostInfo.getRemoteDomainControllertPort()));
            configuration.setEndpoint(endpointInjector.getValue());

            final SecurityRealm realm = securityRealmInjector.getOptionalValue();
            // Create the remote domain channel strategy
            connection = new RemoteDomainConnection(localHostInfo.getLocalHostName(), hostInfo, configuration, realm,
                                                    executor, new RemoteDomainConnection.HostRegistrationCallback() {
                @Override
                public boolean applyDomainModel(final List<ModelNode> bootOperations) {

            final ServiceName securityRealmServiceName = SecurityRealmService.BASE_SERVICE_NAME.append(this.securityRealmName);
            final ServiceController<SecurityRealm> securityRealmController = (ServiceController<SecurityRealm>) this.serviceRegistry.getService(securityRealmServiceName);
            if (securityRealmController == null) {
                return new AnonymousCallbackHandler();
            }
            final SecurityRealm securityRealm = securityRealmController.getValue();
            final CallbackHandlerFactory cbhFactory;
            if (securityRealm != null && (cbhFactory = securityRealm.getSecretCallbackHandlerFactory()) != null && this.userName != null) {
                return cbhFactory.getCallbackHandler(this.userName);
            } else {
                return new AnonymousCallbackHandler();
            }
        }

            // Gather the required information to connect to the remote DC
            final ProtocolChannelClient.Configuration configuration = new ProtocolChannelClient.Configuration();
            configuration.setUri(new URI("remote://" + NetworkUtils.formatPossibleIpv6Address(localHostInfo.getRemoteDomainControllerHost()) + ":" + localHostInfo.getRemoteDomainControllerPort()));
            configuration.setEndpoint(endpointInjector.getValue());

            final SecurityRealm realm = securityRealmInjector.getOptionalValue();
            // Create the remote domain channel strategy
            connection = new RemoteDomainConnection(localHostInfo.getLocalHostName(), hostInfo, configuration, realm,
                                                    executor, new RemoteDomainConnection.HostRegistrationCallback() {
                @Override
                public boolean applyDomainModel(final List<ModelNode> bootOperations) {

        final Endpoint endpoint = this.endpointInjectedValue.getValue();

        final CallbackHandler callbackHandler;
        final CallbackHandlerFactory cbhFactory;
        SSLContext sslContext = null;
        SecurityRealm realm = securityRealmInjectedValue.getOptionalValue();
        if (realm != null && (cbhFactory = realm.getSecretCallbackHandlerFactory()) != null && username != null) {
            callbackHandler = cbhFactory.getCallbackHandler(username);
        } else {
            callbackHandler = getCallbackHandler();
        }

        if (realm != null) {
            sslContext = realm.getSSLContext();
        }

        OptionMap.Builder builder = OptionMap.builder();
        builder.addAll(this.connectionCreationOptions);
        builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);

            final ServiceName securityRealmServiceName = SecurityRealm.ServiceUtil.createServiceName(this.securityRealmName);
            final ServiceController<SecurityRealm> securityRealmController = (ServiceController<SecurityRealm>) this.serviceRegistry.getService(securityRealmServiceName);
            if (securityRealmController == null) {
                return new AnonymousCallbackHandler();
            }
            final SecurityRealm securityRealm = securityRealmController.getValue();
            final CallbackHandlerFactory cbhFactory;
            if (securityRealm != null && (cbhFactory = securityRealm.getSecretCallbackHandlerFactory()) != null && this.userName != null) {
                return cbhFactory.getCallbackHandler(this.userName);
            } else {
                return new AnonymousCallbackHandler();
            }
        }

        CallbackHandler getCallbackHandler() {
            final ServiceController<SecurityRealm> securityRealmController = (ServiceController<SecurityRealm>) this.serviceRegistry.getService(this.securityRealmServiceName);
            if (securityRealmController == null) {
                return new AnonymousCallbackHandler();
            }
            final SecurityRealm securityRealm = securityRealmController.getValue();
            final CallbackHandlerFactory cbhFactory;
            if (securityRealm != null && (cbhFactory = securityRealm.getSecretCallbackHandlerFactory()) != null && this.userName != null) {
                return cbhFactory.getCallbackHandler(this.userName);
            } else {
                return new AnonymousCallbackHandler();
            }
        }

            final ProtocolChannelClient.Configuration configuration = new ProtocolChannelClient.Configuration();
            configuration.setUri(new URI("remote://" + NetworkUtils.formatPossibleIpv6Address(localHostInfo.getRemoteDomainControllerHost()) + ":" + localHostInfo.getRemoteDomainControllerPort()));
            configuration.setEndpoint(endpointInjector.getValue());
            configuration.setOptionMap(options);

            final SecurityRealm realm = securityRealmInjector.getOptionalValue();
            // Create the remote domain channel strategy
            connection = new RemoteDomainConnection(localHostInfo.getLocalHostName(), hostInfo, configuration, realm,
                    localHostInfo.getRemoteDomainControllerUsername(), executor,
                    new RemoteDomainConnection.HostRegistrationCallback() {

        // Handle the Sasl protocol
        final SaslConfiguration saslConfig = this.configuration.getSasl();
        if (saslConfig != null) {
           final String clusterRole = saslConfig.getClusterRole();
           final SecurityRealm securityRealm = saslConfig.getSecurityRealm();
           final String mech = saslConfig.getMech();
           final SASL sasl = new SASL();
           sasl.setMech(mech);
           Map<String, String> props = saslConfig.getProperties();
           if (props.containsKey("client_password")) {
               String credential = props.get("client_password");
               String name = props.get("client_name");
               if (name == null) {
                   sasl.setClientCallbackHandler(new SaslClientCallbackHandler(securityRealm.getName(), this.configuration.getEnvironment().getNodeName(), credential));
               } else if (name.contains("@")) {
                   sasl.setClientCallbackHandler(new SaslClientCallbackHandler(name, credential));
               } else {
                   sasl.setClientCallbackHandler(new SaslClientCallbackHandler(securityRealm.getName(), name, credential));
               }
           } else {
               props.put("client_password", ""); // HACKY
           }
           Map<String, String> saslProps = props.containsKey("sasl_props") ? Util.parseCommaDelimitedProps(props.get("sasl_props")) : new HashMap<String, String>();

         SocketBinding socketBinding = getSocketBinding().getValue();
         InetSocketAddress socketAddress = socketBinding.getSocketAddress();
         configurationBuilder.host(socketAddress.getAddress().getHostAddress());
         configurationBuilder.port(socketAddress.getPort());

         SecurityRealm encryptionRealm = encryptionSecurityRealm.getOptionalValue();
         final String qual;
         if (encryptionRealm != null) {
            SSLContext sslContext = encryptionRealm.getSSLContext();
            if (sslContext == null) {
               throw ROOT_LOGGER.noSSLContext(serverName, encryptionRealm.getName());
            }
            configurationBuilder.ssl().sslContext(sslContext);
            qual = " (SSL)";
         } else {
            qual = "";
         }
         if (configurationBuilder instanceof HotRodServerConfigurationBuilder) { // FIXME: extend to all protocol servers once they support authn
            HotRodServerConfigurationBuilder hotRodBuilder = (HotRodServerConfigurationBuilder) configurationBuilder;

            if (serverContextName != null) {
               hotRodBuilder.authentication().serverSubject(getServerSubject(serverContextName));
            }
            SecurityRealm authenticationRealm = authenticationSecurityRealm.getOptionalValue();
            if (authenticationRealm != null) {
               hotRodBuilder.authentication().serverAuthenticationProvider(new EndpointServerAuthenticationProvider(authenticationRealm));
            }
         }

        final Endpoint endpoint = this.endpointInjectedValue.getValue();

        final CallbackHandler callbackHandler;
        final CallbackHandlerFactory cbhFactory;
        SSLContext sslContext = null;
        SecurityRealm realm = securityRealmInjectedValue.getOptionalValue();
        if (realm != null && (cbhFactory = realm.getSecretCallbackHandlerFactory()) != null && username != null) {
            callbackHandler = cbhFactory.getCallbackHandler(username);
        } else {
            callbackHandler = getCallbackHandler();
        }

        if (realm != null) {
            sslContext = realm.getSSLContext();
        }

        OptionMap.Builder builder = OptionMap.builder();
        builder.addAll(this.connectionCreationOptions);
        builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);