@Test(expectedExceptions = CacheConfigurationException.class, expectedExceptionsMessageRegExp = ".*ISPN000414.*") public void testIncompleteConfiguration() { ConfigurationBuilder builder = new ConfigurationBuilder(); builder.security().authorization().enable().role("reader"); withCacheManager(() -> createCacheManager(builder), CacheContainer::getCache); }
@Override protected ConfigurationBuilder defaultConfigurationForSite(int siteIndex) { ConfigurationBuilder builder = super.defaultConfigurationForSite(siteIndex); AuthorizationConfigurationBuilder authConfig = builder.security().authorization().enable(); for (AuthorizationPermission perm : AuthorizationPermission.values()) { authConfig.role(perm.toString()); } return builder; }
private Configuration getInternalCacheConfig() { ConfigurationBuilder configurationBuilder = new ConfigurationBuilder(); // allow the registry to work for local caches as well as clustered caches CacheMode cacheMode = cacheManager.getGlobalComponentRegistry().getGlobalConfiguration().isClustered() ? CacheMode.REPL_SYNC : CacheMode.LOCAL; configurationBuilder.clustering().cacheMode(cacheMode); // use invocation batching (cache-only transactions) for high consistency as writes are expected to be rare in this cache configurationBuilder.transaction().transactionMode(TransactionMode.TRANSACTIONAL) .transactionManagerLookup(null).invocationBatching().enable(); configurationBuilder.security().authorization().disable(); return configurationBuilder.build(); }
/** * Create the configuration for the internal cache. */ private Configuration getInternalCacheConfig() { ConfigurationBuilder configurationBuilder = new ConfigurationBuilder(); // allow the registry to work for local caches as well as clustered caches CacheMode cacheMode = cacheManager.getGlobalComponentRegistry().getGlobalConfiguration().isClustered() ? CacheMode.REPL_SYNC : CacheMode.LOCAL; configurationBuilder.clustering().cacheMode(cacheMode); // use invocation batching (cache-only transactions) for high consistency as writes are expected to be rare in this cache configurationBuilder.transaction().transactionMode(TransactionMode.TRANSACTIONAL) .transactionManagerLookup(null).invocationBatching().enable(); configurationBuilder.security().authorization().disable(); return configurationBuilder.build(); }
private ConfigurationBuilder getScriptCacheConfiguration() { GlobalConfiguration globalConfiguration = cacheManager.getGlobalComponentRegistry().getGlobalConfiguration(); ConfigurationBuilder cfg = new ConfigurationBuilder(); cfg.encoding().key().mediaType(APPLICATION_OBJECT_TYPE); cfg.encoding().value().mediaType(APPLICATION_OBJECT_TYPE); cfg.customInterceptors().addInterceptor().interceptor(new ScriptingInterceptor()).before(CacheMgmtInterceptor.class); if (globalConfiguration.security().authorization().enabled()) { globalConfiguration.security().authorization().roles().put(SCRIPT_MANAGER_ROLE, new CacheRoleImpl(SCRIPT_MANAGER_ROLE, AuthorizationPermission.ALL)); cfg.security().authorization().enable().role(SCRIPT_MANAGER_ROLE); globalAuthzHelper = cacheManager.getGlobalComponentRegistry().getComponent(AuthorizationHelper.class); } return cfg; }
ModelNode authzModel = securityModel.get(ModelKeys.AUTHORIZATION, ModelKeys.AUTHORIZATION_NAME); AuthorizationConfigurationBuilder authzBuilder = builder.security().authorization(); authzBuilder.enabled(CacheAuthorizationConfigurationResource.ENABLED.resolveModelAttribute(context, authzModel).asBoolean()); for(ModelNode role : CacheAuthorizationConfigurationResource.ROLES.resolveModelAttribute(context, authzModel).asList()) {
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); global .security() .authorization().enable() .principalRoleMapper(new IdentityRoleMapper()) .role("admin").permission(AuthorizationPermission.ALL); ConfigurationBuilder config = new ConfigurationBuilder(); config.security().authorization().enable() .role("admin"); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new IdentityRoleMapper()).auditLogger(LOGGER); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles.role(ADMIN_ROLE).permission(AuthorizationPermission.ALL).role(READER_ROLE) .permission(AuthorizationPermission.READ); authConfig.role(ADMIN_ROLE).role(READER_ROLE); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected void createCacheManagers() throws Throwable { final GlobalConfigurationBuilder global = GlobalConfigurationBuilder.defaultClusteredBuilder(); final ConfigurationBuilder builder = getDefaultClusteredCacheConfig(getCacheMode()); global.security().authorization().enable() .principalRoleMapper(new IdentityRoleMapper()).role("admin").permission(AuthorizationPermission.ALL); builder.security().authorization().enable().role("admin"); Security.doAs(ADMIN, (PrivilegedExceptionAction<Void>) () -> { createCluster(global, builder, 2); waitForClusterToForm(); return null; }); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new IdentityRoleMapper()); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles .role("listener").permission(AuthorizationPermission.LISTEN) .role("admin").permission(AuthorizationPermission.ALL); authConfig.role("listener").role("admin"); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new IdentityRoleMapper()); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles .role("role1").permission(AuthorizationPermission.EXEC) .role("role2").permission(AuthorizationPermission.EXEC) .role("admin").permission(AuthorizationPermission.ALL); authConfig.role("role1").role("role2").role("admin"); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new ClusterRoleMapper()); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles .role("reader").permission(AuthorizationPermission.ALL_READ) .role("writer").permission(AuthorizationPermission.ALL_WRITE) .role("admin").permission(AuthorizationPermission.ALL); authConfig.role("reader").role("writer").role("admin"); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().securityCacheTimeout(0, TimeUnit.SECONDS).authorization().enable() .principalRoleMapper(new IdentityRoleMapper()); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles .role("role1").permission(AuthorizationPermission.EXEC) .role("role2").permission(AuthorizationPermission.EXEC) .role("admin").permission(AuthorizationPermission.ALL); authConfig.role("role1").role("role2").role("admin"); return TestCacheManagerFactory.createCacheManager(global, config); } }
@Override protected EmbeddedCacheManager createCacheManager() { GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new ClusterRoleMapper()); ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); globalRoles .role("reader").permission(AuthorizationPermission.ALL_READ) .role("writer").permission(AuthorizationPermission.ALL_WRITE) .role("admin").permission(AuthorizationPermission.ALL); authConfig.role("reader").role("writer").role("admin").jmxStatistics().enable(); return TestCacheManagerFactory.createCacheManager(global, config); }
@Override protected EmbeddedCacheManager createCacheManager() throws Exception { final GlobalConfigurationBuilder global = new GlobalConfigurationBuilder(); GlobalAuthorizationConfigurationBuilder globalRoles = global.security().authorization().enable() .principalRoleMapper(new IdentityRoleMapper()); final ConfigurationBuilder config = TestCacheManagerFactory.getDefaultCacheConfiguration(true); config.transaction().lockingMode(LockingMode.PESSIMISTIC); config.invocationBatching().enable(); AuthorizationConfigurationBuilder authConfig = config.security().authorization().enable(); for (AuthorizationPermission perm : AuthorizationPermission.values()) { globalRoles.role(perm.toString()).permission(perm); authConfig.role(perm.toString()); } return Security.doAs(ADMIN, new PrivilegedAction<EmbeddedCacheManager>() { @Override public EmbeddedCacheManager run() { return TestCacheManagerFactory.createCacheManager(global, config); } }); }