/** * Construct this security domain. * * Construction requires {@code createSecurityDomain} {@link ElytronPermission}. * * @return the new security domain */ public SecurityDomain build() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_SECURITY_DOMAIN); } final LinkedHashMap<String, RealmInfo> realmMap = new LinkedHashMap<>(realms.size()); for (RealmBuilder realmBuilder : realms.values()) { realmMap.put(realmBuilder.getName(), new RealmInfo(realmBuilder)); } if (defaultRealmName != null && !realmMap.containsKey(defaultRealmName)) { throw log.realmMapDoesNotContainDefault(defaultRealmName); } assertNotBuilt(); built = true; if(log.isTraceEnabled()) { log.tracef("Building security domain with defaultRealmName %s.", defaultRealmName); if(realmMap.size() > 1) { log.tracef("The following additional realms were added: %s.", realmMap.keySet().toString()); } } return new SecurityDomain(this, realmMap); }
final AuthMechanism mechanism = currentRegistration.getKey(); domainBuilder.addRealm(mechanism.toString(), new SharedStateSecurityRealm(currentService.allowGroupLoading() && authorizationRealm != null ? new AggregateSecurityRealm(elytronRealm, authorizationRealm) : elytronRealm)) .setRoleDecoder(RoleDecoder.simple("GROUPS")) mechanismConfiguration.put(WildFlySasl.ALTERNATIVE_PROTOCOLS, "remoting"); domainBuilder.addRealm("EMPTY", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build(); domainBuilder.setDefaultRealmName("EMPTY"); domainBuilder.addRealm(DomainManagedServerCallbackHandler.DOMAIN_SERVER_AUTH_REALM, new org.wildfly.security.auth.server.SecurityRealm() { @Override public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> aClass, String s, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException { domainBuilder.setPermissionMapper((permissionMappable, roles) -> permissionVerifier); SecurityDomain securityDomain = domainBuilder.build();
final AuthMechanism mechanism = currentRegistration.getKey(); domainBuilder.addRealm(mechanism.toString(), new SharedStateSecurityRealm(currentService.allowGroupLoading() && authorizationRealm != null ? new AggregateSecurityRealm(elytronRealm, authorizationRealm) : elytronRealm)) .setRoleDecoder(RoleDecoder.simple("GROUPS")) mechanismConfiguration.put(WildFlySasl.ALTERNATIVE_PROTOCOLS, "remoting"); domainBuilder.addRealm("EMPTY", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build(); domainBuilder.setDefaultRealmName("EMPTY"); domainBuilder.addRealm(DomainManagedServerCallbackHandler.DOMAIN_SERVER_AUTH_REALM, new org.wildfly.security.auth.server.SecurityRealm() { @Override public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> aClass, String s, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException { domainBuilder.setPermissionMapper((permissionMappable, roles) -> permissionVerifier); SecurityDomain securityDomain = domainBuilder.build();
.setDefaultRealmName("Empty") .addRealm("Empty", SecurityRealm.EMPTY_REALM).build() .build();
.setDefaultRealmName("Empty") .addRealm("Empty", SecurityRealm.EMPTY_REALM).build() .build();
domainBuilder.addRealm("default", SecurityRealm.EMPTY_REALM).build(); domainBuilder.setDefaultRealmName("default"); domainBuilder.setPermissionMapper((permissionMappable, roles) -> SecurityRealmService.createPermissionVerifier()); final SaslAuthenticationFactory.Builder authBuilder = SaslAuthenticationFactory.builder(); authBuilder.setSecurityDomain(domainBuilder.build()); authBuilder.setFactory(new AnonymousServerFactory()); authBuilder.setMechanismConfigurationSelector(mechanismInformation -> MechanismConfiguration.EMPTY);
private static SecurityDomain createSecurityDomain() { return SecurityDomain.builder().setDefaultRealmName("Empty").addRealm("Empty", new SecurityRealm() { return SupportLevel.UNSUPPORTED; }).setRoleDecoder(RoleDecoder.simple("GROUPS")).build().setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance()).build();
builder.setPreRealmRewriter(principalTransformers.get(preRealmPrincipalTransformer).getValue()); builder.setPostRealmRewriter(principalTransformers.get(postRealmPrincipalTransformer).getValue()); builder.setPrincipalDecoder(PrincipalDecoder.aggregate(principalDecoder, PrincipalDecoder.DEFAULT)); builder.setRealmMapper(realmMapper); builder.setPermissionMapper(permissionMapper); builder.setRoleMapper(roleMappers.get(roleMapper).getValue()); builder.setDefaultRealmName(defaultRealm); RealmBuilder realmBuilder = builder.addRealm(realmName, realmDependency.securityRealmInjector.getValue()); if (realmDependency.principalTransformer != null) { realmBuilder.setPrincipalRewriter(principalTransformers.get(realmDependency.principalTransformer).getValue()); builder.setTrustedSecurityDomainPredicate(trustedSecurityDomain); builder.setSecurityIdentityTransformer(identityOperator); SecurityEventListener securityEventListener = securityEventListenerInjector.getOptionalValue(); if (securityEventListener != null) { builder.setSecurityEventListener(securityEventListener); securityDomain = builder.build();
domainBuilder.setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance()); domainBuilder.addRealm("default", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build(); domainBuilder.setDefaultRealmName("default"); factory = SaslAuthenticationFactory .builder() .setFactory(new AnonymousServerFactory()) .setMechanismConfigurationSelector(i -> MechanismConfiguration.EMPTY) .setSecurityDomain(domainBuilder.build()) .build();
private static SecurityDomain createSecurityDomain() { return SecurityDomain.builder().setDefaultRealmName("Empty").addRealm("Empty", new SecurityRealm() { return SupportLevel.UNSUPPORTED; }).setRoleDecoder(RoleDecoder.simple("GROUPS")).build().setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance()).build();
/** * Construct this security domain. * * Construction requires {@code createSecurityDomain} {@link ElytronPermission}. * * @return the new security domain */ public SecurityDomain build() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_SECURITY_DOMAIN); } final LinkedHashMap<String, RealmInfo> realmMap = new LinkedHashMap<>(realms.size()); for (RealmBuilder realmBuilder : realms.values()) { realmMap.put(realmBuilder.getName(), new RealmInfo(realmBuilder)); } if (defaultRealmName != null && !realmMap.containsKey(defaultRealmName)) { throw log.realmMapDoesNotContainDefault(defaultRealmName); } assertNotBuilt(); built = true; if(log.isTraceEnabled()) { log.tracef("Building security domain with defaultRealmName %s.", defaultRealmName); if(realmMap.size() > 1) { log.tracef("The following additional realms were added: %s.", realmMap.keySet().toString()); } } return new SecurityDomain(this, realmMap); }
/** * Construct this security domain. * * Construction requires {@code createSecurityDomain} {@link ElytronPermission}. * * @return the new security domain */ public SecurityDomain build() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_SECURITY_DOMAIN); } final LinkedHashMap<String, RealmInfo> realmMap = new LinkedHashMap<>(realms.size()); for (RealmBuilder realmBuilder : realms.values()) { realmMap.put(realmBuilder.getName(), new RealmInfo(realmBuilder)); } if (defaultRealmName != null && !realmMap.containsKey(defaultRealmName)) { throw log.realmMapDoesNotContainDefault(defaultRealmName); } assertNotBuilt(); built = true; if(log.isTraceEnabled()) { log.tracef("Building security domain with defaultRealmName %s.", defaultRealmName); if(realmMap.size() > 1) { log.tracef("The following additional realms were added: %s.", realmMap.keySet().toString()); } } return new SecurityDomain(this, realmMap); }
/** * Construct this security domain. * * Construction requires {@code createSecurityDomain} {@link ElytronPermission}. * * @return the new security domain */ public SecurityDomain build() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_SECURITY_DOMAIN); } final LinkedHashMap<String, RealmInfo> realmMap = new LinkedHashMap<>(realms.size()); for (RealmBuilder realmBuilder : realms.values()) { realmMap.put(realmBuilder.getName(), new RealmInfo(realmBuilder)); } if (defaultRealmName != null && !realmMap.containsKey(defaultRealmName)) { throw log.realmMapDoesNotContainDefault(defaultRealmName); } assertNotBuilt(); built = true; if(log.isTraceEnabled()) { log.tracef("Building security domain with defaultRealmName %s.", defaultRealmName); if(realmMap.size() > 1) { log.tracef("The following additional realms were added: %s.", realmMap.keySet().toString()); } } return new SecurityDomain(this, realmMap); }
/** * Add a realm to this security domain. * * @param name the realm's name in this configuration * @param realm the realm * @return the new realm builder */ public RealmBuilder addRealm(String name, SecurityRealm realm) { Assert.checkNotNullParam("name", name); Assert.checkNotNullParam("realm", realm); assertNotBuilt(); final RealmBuilder realmBuilder = new RealmBuilder(this, name, realm); return realmBuilder; }
/** * Set the principal decoder for this security domain, which will be used to convert {@link Principal} objects * into names for handling in the realm. * * @param principalDecoder the principal decoder (must not be {@code null}) * @return this builder */ public Builder setPrincipalDecoder(PrincipalDecoder principalDecoder) { Assert.checkNotNullParam("principalDecoder", principalDecoder); assertNotBuilt(); this.principalDecoder = principalDecoder.asPrincipalRewriter(); return this; }
/** * Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the * identities from this security domain. * * @param permissionMapper the permission mapper (must not be {@code null}) * @return this builder */ public Builder setPermissionMapper(PermissionMapper permissionMapper) { Assert.checkNotNullParam("permissionMapper", permissionMapper); assertNotBuilt(); this.permissionMapper = permissionMapper; return this; }
/** * Set the role mapper for this security domain, which will be used to perform the last mapping before * returning the roles associated with an identity obtained from this security domain. * * @param roleMapper the role mapper (must not be {@code null}) * @return this builder */ public Builder setRoleMapper(RoleMapper roleMapper) { Assert.checkNotNullParam("roleMapper", roleMapper); assertNotBuilt(); this.roleMapper = roleMapper; return this; }
/** * Add a realm to this security domain. * * @param name the realm's name in this configuration * @param realm the realm * @return the new realm builder */ public RealmBuilder addRealm(String name, SecurityRealm realm) { Assert.checkNotNullParam("name", name); Assert.checkNotNullParam("realm", realm); assertNotBuilt(); final RealmBuilder realmBuilder = new RealmBuilder(this, name, realm); return realmBuilder; }
/** * Add a realm to this security domain. * * @param name the realm's name in this configuration * @param realm the realm * @return the new realm builder */ public RealmBuilder addRealm(String name, SecurityRealm realm) { Assert.checkNotNullParam("name", name); Assert.checkNotNullParam("realm", realm); assertNotBuilt(); final RealmBuilder realmBuilder = new RealmBuilder(this, name, realm); return realmBuilder; }
/** * Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the * identities from this security domain. * * @param permissionMapper the permission mapper (must not be {@code null}) * @return this builder */ public Builder setPermissionMapper(PermissionMapper permissionMapper) { Assert.checkNotNullParam("permissionMapper", permissionMapper); assertNotBuilt(); this.permissionMapper = permissionMapper; return this; }