Merge pull request wildfly#17701 from tadamski/WFLY-19110

[WFLY-19110] Connector: restore application security configuration
darranl · Mar 23, 2024 · 2e0b913 · 2e0b913
2 parents 2af13aa + 8a4aa44
commit 2e0b913
Show file tree

Hide file tree

Showing 8 changed files with 12 additions and 6 deletions.
diff --git a/...main/java/org/jboss/as/connector/subsystems/resourceadapters/ConnectionDefinitionAdd.java b/...main/java/org/jboss/as/connector/subsystems/resourceadapters/ConnectionDefinitionAdd.java
@@ -10,7 +10,6 @@
 import static org.jboss.as.connector.subsystems.common.jndi.Constants.USE_JAVA_CONTEXT;
 import static org.jboss.as.connector.subsystems.jca.Constants.DEFAULT_NAME;
 import static org.jboss.as.connector.subsystems.resourceadapters.CommonAttributes.CONNECTION_DEFINITIONS_NODE_ATTRIBUTE;
-import static org.jboss.as.connector.subsystems.resourceadapters.Constants.APPLICATION;
 import static org.jboss.as.connector.subsystems.resourceadapters.Constants.ARCHIVE;
 import static org.jboss.as.connector.subsystems.resourceadapters.Constants.AUTHENTICATION_CONTEXT;
 import static org.jboss.as.connector.subsystems.resourceadapters.Constants.AUTHENTICATION_CONTEXT_AND_APPLICATION;
@@ -90,8 +89,6 @@ protected void performRuntime(OperationContext context, ModelNode operation, fin
             throw SUBSYSTEM_RA_LOGGER.legacySecurityAttributeNotSupported(SECURITY_DOMAIN.getName());
         else if (resourceModel.hasDefined(SECURITY_DOMAIN_AND_APPLICATION.getName()))
             throw SUBSYSTEM_RA_LOGGER.legacySecurityAttributeNotSupported(SECURITY_DOMAIN_AND_APPLICATION.getName());
-        else if (resourceModel.hasDefined(APPLICATION.getName()))
-            throw SUBSYSTEM_RA_LOGGER.legacySecurityAttributeNotSupported(APPLICATION.getName());
         // do the same for recovery security attributes
         if (resourceModel.hasDefined(RECOVERY_SECURITY_DOMAIN.getName()))
             throw SUBSYSTEM_RA_LOGGER.legacySecurityAttributeNotSupported(RECOVERY_SECURITY_DOMAIN.getName());

diff --git a/connector/src/main/java/org/jboss/as/connector/subsystems/resourceadapters/Constants.java b/connector/src/main/java/org/jboss/as/connector/subsystems/resourceadapters/Constants.java
@@ -451,7 +451,6 @@ public void marshallAsElement(AttributeDefinition attribute, ModelNode resourceM
                     AUTHENTICATION_CONTEXT_AND_APPLICATION_NAME)
             .addAccessConstraint(SensitiveTargetAccessConstraintDefinition.SECURITY_DOMAIN_REF)
             .addAccessConstraint(ResourceAdaptersExtension.RA_SECURITY_DEF)
-            .setDeprecated(ELYTRON_BY_DEFAULT_VERSION)
             .setRestartAllServices()
             .build();
 

diff --git a/...resources/org/jboss/as/connector/subsystems/resourceadapters/LocalDescriptions.properties b/...resources/org/jboss/as/connector/subsystems/resourceadapters/LocalDescriptions.properties
@@ -120,7 +120,6 @@ connection-definitions.recovery-authentication-context=The Elytron authenticatio
 connection-definitions.recovery-username=The user name used for recovery.
 connection-definitions.same-rm-override=Using this attribute, you can unconditionally set whether javax.transaction.xa.XAResource.isSameRM(XAResource) returns true or false.
 connection-definitions.security-application=Indicates that application-supplied parameters, such as from getConnection(user, pw), are used to distinguish connections in the pool.
-connection-definitions.security-application.deprecated=PicketBox security domains are not supported in servers running the current version of the datasources subsystem. Use 'authentication-context' to configure Elytron security.
 connection-definitions.security-domain=Specifies the PicketBox security domain which defines the javax.security.auth.Subject that is used to distinguish connections in the pool.
 connection-definitions.security-domain.deprecated=PicketBox security domains are not supported in servers running the current version of the datasources subsystem. Use 'authentication-context' to configure Elytron security.
 connection-definitions.security-domain-and-application=Indicates that either application-supplied parameters, such as from getConnection(user, pw) are used to distinguish connections in the pool.

diff --git a/...asic/src/test/java/org/jboss/as/test/integration/jca/metrics/RaCfgMetricUnitTestCase.java b/...asic/src/test/java/org/jboss/as/test/integration/jca/metrics/RaCfgMetricUnitTestCase.java
@@ -191,6 +191,7 @@ public void testBoolPresPropertiesSet() throws Exception {
         address1.protect();
         assertTrue(readAttribute(address1, "interleaving").asBoolean());
         assertTrue(readAttribute(address1, "no-tx-separate-pool").asBoolean());
+        assertTrue(readAttribute(address1, "security-application").asBoolean());
         assertTrue(readAttribute(address1, "no-recovery").asBoolean());
 
         removeRa();
@@ -204,6 +205,7 @@ public void testBoolPresPropertiesUnset() throws Exception {
         address1.protect();
         assertFalse(readAttribute(address1, "interleaving").asBoolean());
         assertFalse(readAttribute(address1, "no-tx-separate-pool").asBoolean());
+        assertTrue(readAttribute(address1, "security-application").asBoolean());
         assertFalse(readAttribute(address1, "no-recovery").asBoolean());
 
         removeRa();

diff --git a/...c/src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties-set.xml b/...c/src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties-set.xml
@@ -14,6 +14,9 @@
                         <interleaving>true</interleaving>
                         <no-tx-separate-pools>true</no-tx-separate-pools>
                     </xa-pool>
+                    <security>
+                        <application/>
+                    </security>
                     <recovery no-recovery="true"></recovery>
                 </connection-definition>
             </connection-definitions>

diff --git a/...src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties-unset.xml b/...src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties-unset.xml
@@ -14,6 +14,9 @@
                         <interleaving>false</interleaving>
                         <no-tx-separate-pools>false</no-tx-separate-pools>
                     </xa-pool>
+                    <security>
+                        <application/>
+                    </security>
                     <recovery no-recovery="false"></recovery>
                 </connection-definition>
             </connection-definitions>

diff --git a/...basic/src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties.xml b/...basic/src/test/java/org/jboss/as/test/integration/jca/metrics/ra/bool-pres-properties.xml
@@ -14,6 +14,9 @@
                         <interleaving/>
                         <no-tx-separate-pools/>
                     </xa-pool>
+                    <security>
+                        <application/>
+                    </security>
                     <recovery/>
                 </connection-definition>
             </connection-definitions>

diff --git a/...a/org/jboss/as/test/smoke/mgmt/resourceadapter/ResourceAdapterOperationsUnitTestCase.java b/...a/org/jboss/as/test/smoke/mgmt/resourceadapter/ResourceAdapterOperationsUnitTestCase.java
@@ -88,7 +88,7 @@ public void removeRar() throws IOException {
 
     @Test
     public void addComplexResourceAdapterWithAppSecurity() throws Exception {
-        complexResourceAdapterAddTest(ConnectionSecurityType.ELYTRON_AUTHENTICATION_CONTEXT_AND_APPLICATION, null);
+        complexResourceAdapterAddTest(ConnectionSecurityType.APPLICATION, null);
     }
 
     @Test