public boolean addRoleMappingPrincipal(final String roleName, final PrincipalType principalType, final MatchType matchType, final String name, final String realm, final boolean immediate) { RoleMappingImpl role = roleMappings.get(roleName); if (role != null) { if (immediate) { return role.addPrincipalImmediate(createPrincipal(principalType, name, realm), matchType); } else { return role.addPrincipal(createPrincipal(principalType, name, realm), matchType); } } return false; }
@Override public synchronized void registerAccessConstraintAttributeUtilization(AccessConstraintKey key, PathAddress address, String attribute) { AccessConstraintUtilizationImpl acu = getAccessConstraintUtilizationImpl(key, address); acu.addAttribute(attribute); }
@Override public synchronized Map<PathAddress, AccessConstraintUtilization> getAccessConstraintUtilizations(AccessConstraintKey accessConstraintKey) { Map<PathAddress, AccessConstraintUtilization> result = getAccessConstraintUtilizations(accessConstraintKey, false); return result == null ? Collections.<PathAddress, AccessConstraintUtilization>emptyMap() : Collections.unmodifiableMap(result); }
@Override public void execute(OperationContext context, ModelNode operation) throws OperationFailedException { if (context.isBooting()) { authorizerConfiguration.addRoleMappingImmediate(roleName); } else { authorizerConfiguration.addRoleMapping(roleName); } ModelNode model = context.readResource(PathAddress.EMPTY_ADDRESS).getModel(); boolean includeAll = RoleMappingResourceDefinition.INCLUDE_ALL.resolveModelAttribute(context, model).asBoolean(); if (includeAll) { authorizerConfiguration.setRoleMappingIncludeAll(roleName, includeAll); } registerRollbackHandler(context, roleName); } }, Stage.RUNTIME);
public DelegatingConfigurableAuthorizer() { this.writableAuthorizerConfiguration = new WritableAuthorizerConfiguration(StandardRBACAuthorizer.AUTHORIZER_DESCRIPTION); this.delegate = StandardRBACAuthorizer.create(writableAuthorizerConfiguration, new SuperUserRoleMapper(writableAuthorizerConfiguration)); }
@Override public boolean hasRole(String roleName) { final Set<String> canonicalRoles = roleMaps.canonicalRoles; return canonicalRoles.contains(getOfficialForm(roleName)); }
@Override public void setNonFacadeMBeansSensitive(boolean sensitive) { writableAuthorizerConfiguration.setNonFacadeMBeansSensitive(sensitive); }
public void setDelegate(Authorizer delegate) { assert delegate != null : "null delegate"; Authorizer currentDelegate = this.delegate; if (delegate instanceof CustomAuthorizer) { AuthorizerDescription description = ((CustomAuthorizer) delegate).setAuthorizerConfiguration(writableAuthorizerConfiguration); writableAuthorizerConfiguration.setAuthorizerDescription(description); } else { writableAuthorizerConfiguration.setAuthorizerDescription(delegate.getDescription()); } this.delegate = delegate; if (currentDelegate instanceof CustomAuthorizer) { ((CustomAuthorizer) currentDelegate).shutdown(); } else if (currentDelegate instanceof StandardRBACAuthorizer) { ((StandardRBACAuthorizer) currentDelegate).shutdown(); } }
authorizerConfig.reset(); ManagementResourceRegistration rootResourceRegistration = rootDescriptionProvider != null ? ManagementResourceRegistration.Factory.create(rootDescriptionProvider, authorizerConfig)
@Override public void execute(OperationContext context, ModelNode operation) throws OperationFailedException { if (context.isBooting()) { authorizerConfiguration.addRoleMappingImmediate(roleName); } else { authorizerConfiguration.addRoleMapping(roleName); } ModelNode model = context.readResource(PathAddress.EMPTY_ADDRESS).getModel(); boolean includeAll = RoleMappingResourceDefinition.INCLUDE_ALL.resolveModelAttribute(context, model).asBoolean(); if (includeAll) { authorizerConfiguration.setRoleMappingIncludeAll(roleName, includeAll); } registerRollbackHandler(context, roleName); } }, Stage.RUNTIME);
public DelegatingConfigurableAuthorizer() { this.writableAuthorizerConfiguration = new WritableAuthorizerConfiguration(StandardRBACAuthorizer.AUTHORIZER_DESCRIPTION); this.delegate = StandardRBACAuthorizer.create(writableAuthorizerConfiguration, new SuperUserRoleMapper(writableAuthorizerConfiguration)); }
@Override public boolean hasRole(String roleName) { final Set<String> canonicalRoles = roleMaps.canonicalRoles; return canonicalRoles.contains(getOfficialForm(roleName)); }
@Override public void setNonFacadeMBeansSensitive(boolean sensitive) { writableAuthorizerConfiguration.setNonFacadeMBeansSensitive(sensitive); }
public void setDelegate(Authorizer delegate) { assert delegate != null : "null delegate"; Authorizer currentDelegate = this.delegate; if (delegate instanceof CustomAuthorizer) { AuthorizerDescription description = ((CustomAuthorizer) delegate).setAuthorizerConfiguration(writableAuthorizerConfiguration); writableAuthorizerConfiguration.setAuthorizerDescription(description); } else { writableAuthorizerConfiguration.setAuthorizerDescription(delegate.getDescription()); } this.delegate = delegate; if (currentDelegate instanceof CustomAuthorizer) { ((CustomAuthorizer) currentDelegate).shutdown(); } else if (currentDelegate instanceof StandardRBACAuthorizer) { ((StandardRBACAuthorizer) currentDelegate).shutdown(); } }
authorizerConfig.reset(); ManagementResourceRegistration rootResourceRegistration = ManagementResourceRegistration.Factory.forProcessType(processType).createRegistration(rootResourceDefinition, authorizerConfig, capabilityRegistry); final ModelControllerImpl controller = new ModelControllerImpl(container, target,
@Override public synchronized void registerAccessConstraintOperationUtilization(AccessConstraintKey key, PathAddress address, String operation) { AccessConstraintUtilizationImpl acu = getAccessConstraintUtilizationImpl(key, address); acu.addOperation(operation); }
public boolean addRoleMappingPrincipal(final String roleName, final PrincipalType principalType, final MatchType matchType, final String name, final String realm, final boolean immediate) { RoleMappingImpl role = roleMappings.get(roleName); if (role != null) { if (immediate) { return role.addPrincipalImmediate(createPrincipal(principalType, name, realm), matchType); } else { return role.addPrincipal(createPrincipal(principalType, name, realm), matchType); } } return false; }
@Override public synchronized Map<PathAddress, AccessConstraintUtilization> getAccessConstraintUtilizations(AccessConstraintKey accessConstraintKey) { Map<PathAddress, AccessConstraintUtilization> result = getAccessConstraintUtilizations(accessConstraintKey, false); return result == null ? Collections.<PathAddress, AccessConstraintUtilization>emptyMap() : Collections.unmodifiableMap(result); }
public DelegatingConfigurableAuthorizer() { this.writableAuthorizerConfiguration = new WritableAuthorizerConfiguration(StandardRBACAuthorizer.AUTHORIZER_DESCRIPTION); this.delegate = StandardRBACAuthorizer.create(writableAuthorizerConfiguration, new SuperUserRoleMapper(writableAuthorizerConfiguration)); }
@Override public boolean hasRole(String roleName) { final Set<String> canonicalRoles = roleMaps.canonicalRoles; return canonicalRoles.contains(getOfficialForm(roleName)); }