Permalink
Browse files

[AS7-6180] allow expressions in remoting subsystem

* allow expressions for connector & generic/remote/local
  outbound-connection property resources (only the value)
* allow expressions for remote-outbound-connection's user-name attribute
* allow expressions for sasl resource's server-auth & reuse-session
  attributes
* allow expressions for sasl policy resource's attributes
* add tests for resource transformation for legacy version
  • Loading branch information...
1 parent a67d223 commit 753ad377b61961cc7f163029d7659aac308d8f18 @jmesnil jmesnil committed with bstansberry Dec 14, 2012
Showing with 477 additions and 87 deletions.
  1. +119 −3 remoting-test/src/test/java/org/jboss/as/remoting/RemotingSubsystemTransformersTestCase.java
  2. +37 −0 remoting-test/src/test/resources/org/jboss/as/remoting/remoting-with-expressions.xml
  3. +37 −0 remoting-test/src/test/resources/org/jboss/as/remoting/remoting-without-expressions.xml
  4. +1 −1 remoting/src/main/java/org/jboss/as/remoting/ConnectorAdd.java
  5. +44 −32 remoting/src/main/java/org/jboss/as/remoting/ConnectorResource.java
  6. +1 −1 remoting/src/main/java/org/jboss/as/remoting/GenericOutboundConnectionAdd.java
  7. +1 −1 remoting/src/main/java/org/jboss/as/remoting/LocalOutboundConnectionAdd.java
  8. +9 −2 remoting/src/main/java/org/jboss/as/remoting/PropertyResource.java
  9. +44 −0 remoting/src/main/java/org/jboss/as/remoting/PropertyResourceTransformers.java
  10. +1 −1 remoting/src/main/java/org/jboss/as/remoting/RemoteOutboundConnectionAdd.java
  11. +4 −2 remoting/src/main/java/org/jboss/as/remoting/RemoteOutboundConnectionResourceDefinition.java
  12. +17 −0 remoting/src/main/java/org/jboss/as/remoting/RemotingExtension.java
  13. +10 −17 remoting/src/main/java/org/jboss/as/remoting/RemotingSubsystem11Parser.java
  14. +15 −10 remoting/src/main/java/org/jboss/as/remoting/SaslPolicyResource.java
  15. +55 −0 remoting/src/main/java/org/jboss/as/remoting/SaslPolicyResourceTransformers.java
  16. +14 −3 remoting/src/main/java/org/jboss/as/remoting/SaslResource.java
  17. +50 −0 remoting/src/main/java/org/jboss/as/remoting/SaslResourceTransformers.java
  18. +18 −14 ...java/org/jboss/as/remoting/{NamedValueAttributeDefinition.java → WrappedAttributeMarshaller.java}
@@ -22,7 +22,6 @@
package org.jboss.as.remoting;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.FAILED;
-import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.FAILURE_DESCRIPTION;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.IGNORED;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.NAME;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
@@ -32,14 +31,22 @@
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUCCESS;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.VALUE;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION;
+import static org.jboss.as.remoting.SaslPolicyResource.FORWARD_SECRECY;
+import static org.jboss.as.remoting.SaslPolicyResource.NO_ACTIVE;
+import static org.jboss.as.remoting.SaslPolicyResource.NO_ANONYMOUS;
+import static org.jboss.as.remoting.SaslPolicyResource.NO_DICTIONARY;
+import static org.jboss.as.remoting.SaslPolicyResource.NO_PLAIN_TEXT;
+import static org.jboss.as.remoting.SaslPolicyResource.PASS_CREDENTIALS;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ModelVersion;
+import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.transform.OperationTransformer;
import org.jboss.as.subsystem.test.AbstractSubsystemBaseTest;
import org.jboss.as.subsystem.test.KernelServices;
@@ -92,7 +99,111 @@ public void testTransformers() throws Exception {
assertTrue(legacyServices.isSuccessfulBoot());
checkSubsystemModelTransformation(mainServices, version_1_1);
+ checkRejectWorkerThreadAttributes(mainServices, version_1_1);
+ checkRejectSASLAttribute(mainServices, version_1_1, CommonAttributes.REUSE_SESSION, "${reuse.session:true}");
+ checkRejectSASLAttribute(mainServices, version_1_1, CommonAttributes.SERVER_AUTH, "${server.auth:true}");
+ checkRejectSASLProperty(mainServices, version_1_1);
+ checkRejectSASLPolicyAttributes(mainServices, version_1_1);
+ checkRejectConnectorProperty(mainServices, version_1_1);
+ checkRejectRemoteOutboundConnectionUsername(mainServices, version_1_1);
+ checkRejectOutboundConnectionProperty(mainServices, version_1_1, CommonAttributes.REMOTE_OUTBOUND_CONNECTION, "remote-conn1");
+ checkRejectOutboundConnectionProperty(mainServices, version_1_1, CommonAttributes.LOCAL_OUTBOUND_CONNECTION, "local-conn1");
+ checkRejectOutboundConnectionProperty(mainServices, version_1_1, CommonAttributes.OUTBOUND_CONNECTION, "generic-conn1");
+ }
+
+ private void checkRejectOutboundConnectionProperty(KernelServices mainServices, ModelVersion version, String type, String name) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(type, name);
+ address.add(CommonAttributes.PROPERTY, "org.xnio.Options.SSL_ENABLED");
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(CommonAttributes.VALUE);
+ operation.get(VALUE).set("${myprop:true}");
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectSASLAttribute(KernelServices mainServices, ModelVersion version, String name, String value) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(CommonAttributes.CONNECTOR, "remoting-connector");
+ address.add(CommonAttributes.SECURITY, CommonAttributes.SASL);
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(name);
+ operation.get(VALUE).set(value);
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectSASLProperty(KernelServices mainServices, ModelVersion version) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(CommonAttributes.CONNECTOR, "remoting-connector");
+ address.add(CommonAttributes.SECURITY, CommonAttributes.SASL);
+ address.add(CommonAttributes.PROPERTY, "sasl1");
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(CommonAttributes.VALUE);
+ operation.get(VALUE).set("${sasl.prop:sasl one}");
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectSASLPolicyAttributes(KernelServices mainServices, ModelVersion version) throws OperationFailedException {
+ for (AttributeDefinition attr: new AttributeDefinition[] {NO_ACTIVE, NO_ANONYMOUS, NO_DICTIONARY, FORWARD_SECRECY,
+ NO_PLAIN_TEXT, PASS_CREDENTIALS}) {
+ checkRejectSASLPolicyAttribute(mainServices, version, attr);
+ }
+ }
+ private void checkRejectSASLPolicyAttribute(KernelServices mainServices, ModelVersion version, AttributeDefinition attr) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(CommonAttributes.CONNECTOR, "remoting-connector");
+ address.add(CommonAttributes.SECURITY, CommonAttributes.SASL);
+ address.add(CommonAttributes.SASL_POLICY, CommonAttributes.POLICY);
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(attr.getName());
+ operation.get(VALUE).set("${mypolicy:false}");
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectConnectorProperty(KernelServices mainServices, ModelVersion version) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(CommonAttributes.CONNECTOR, "remoting-connector");
+ address.add(CommonAttributes.PROPERTY, "c1");
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(CommonAttributes.VALUE);
+ operation.get(VALUE).set("${connector.prop:connector one}");
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectRemoteOutboundConnectionUsername(KernelServices mainServices, ModelVersion version) throws OperationFailedException {
+ ModelNode operation = new ModelNode();
+ operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
+ ModelNode address = new ModelNode();
+ address.add(SUBSYSTEM, RemotingExtension.SUBSYSTEM_NAME);
+ address.add(CommonAttributes.REMOTE_OUTBOUND_CONNECTION, "remote-conn1");
+ operation.get(OP_ADDR).set(address);
+ operation.get(NAME).set(CommonAttributes.USERNAME);
+ operation.get(VALUE).set("${remoting.user:myuser}");
+
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkRejectWorkerThreadAttributes(KernelServices mainServices, ModelVersion version) throws OperationFailedException {
ModelNode operation = new ModelNode();
operation.get(OP).set(WRITE_ATTRIBUTE_OPERATION);
ModelNode address = new ModelNode();
@@ -101,6 +212,11 @@ public void testTransformers() throws Exception {
operation.get(NAME).set("worker-read-threads");
operation.get(VALUE).set("${worker.read.threads:5}");
+ checkReject(operation, mainServices, version);
+ }
+
+ private void checkReject(ModelNode operation, KernelServices mainServices, ModelVersion version) throws OperationFailedException {
+
ModelNode mainResult = mainServices.executeOperation(operation);
assertEquals(mainResult.toJSONString(true), SUCCESS, mainResult.get(OUTCOME).asString());
@@ -114,8 +230,8 @@ public void testTransformers() throws Exception {
ignoreResult.get(OUTCOME).set(IGNORED);
ignoreResult.protect();
- final OperationTransformer.TransformedOperation op = mainServices.transformOperation(version_1_1, operation);
- final ModelNode result = mainServices.executeOperation(version_1_1, op);
+ final OperationTransformer.TransformedOperation op = mainServices.transformOperation(version, operation);
+ final ModelNode result = mainServices.executeOperation(version, op);
assertEquals("should reject the expression", FAILED, result.get(OUTCOME).asString());
}
@@ -7,4 +7,41 @@
task-max-threads="${worker.task.max.threads:9}"
write-threads="${worker.write.threads:10}"
/>
+ <connector name="remoting-connector" socket-binding="remoting">
+ <properties>
+ <property name="c1" value="${connector.prop:connector one}"/>
+ </properties>
+ <sasl>
+ <server-auth value="${sasl.server.auth:true}"/>
+ <reuse-session value="${sasl.reuse.session:true}"/>
+ <policy>
+ <forward-secrecy value="${forward.secrecy:true}"/>
+ <no-active value="${no.active:true}"/>
+ <no-anonymous value="${no.anonymous:true}"/>
+ <no-dictionary value="${no.dictionary:true}"/>
+ <no-plain-text value="${no.plain.text:true}"/>
+ <pass-credentials value="${pass.credentials:true}"/>
+ </policy>
+ <properties>
+ <property name="sasl1" value="${sasl.prop:sasl one}"/>
+ </properties>
+ </sasl>
+ </connector>
+ <outbound-connections>
+ <outbound-connection name="generic-conn1" uri="myuri">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="${generic.outbound.connection.prop:false}"/>
+ </properties>
+ </outbound-connection>
+ <remote-outbound-connection name="remote-conn1" outbound-socket-binding-ref="dummy-outbound-socket" username="${remoting.user:myuser}">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="${remote.outbound.connection.prop:false}"/>
+ </properties>
+ </remote-outbound-connection>
+ <local-outbound-connection name="local-conn1" outbound-socket-binding-ref="other-outbound-socket">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="${local.outbound.connection.prop:false}"/>
+ </properties>
+ </local-outbound-connection>
+ </outbound-connections>
</subsystem>
@@ -7,4 +7,41 @@
task-max-threads="9"
write-threads="10"
/>
+ <connector name="remoting-connector" socket-binding="remoting">
+ <properties>
+ <property name="c1" value="connector one"/>
+ </properties>
+ <sasl>
+ <server-auth value="true"/>
+ <reuse-session value="true"/>
+ <policy>
+ <forward-secrecy value="true"/>
+ <no-active value="true"/>
+ <no-anonymous value="true"/>
+ <no-dictionary value="true"/>
+ <no-plain-text value="true"/>
+ <pass-credentials value="true"/>
+ </policy>
+ <properties>
+ <property name="sasl1" value="sasl one"/>
+ </properties>
+ </sasl>
+ </connector>
+ <outbound-connections>
+ <outbound-connection name="generic-conn1" uri="myuri">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="false"/>
+ </properties>
+ </outbound-connection>
+ <remote-outbound-connection name="remote-conn1" outbound-socket-binding-ref="dummy-outbound-socket" username="myuser">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="false"/>
+ </properties>
+ </remote-outbound-connection>
+ <local-outbound-connection name="local-conn1" outbound-socket-binding-ref="other-outbound-socket">
+ <properties>
+ <property name="org.xnio.Options.SSL_ENABLED" value="false"/>
+ </properties>
+ </local-outbound-connection>
+ </outbound-connections>
</subsystem>
@@ -71,7 +71,7 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
}
void launchServices(OperationContext context, String connectorName, ModelNode fullModel, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
- OptionMap optionMap = ConnectorResource.getFullOptions(fullModel);
+ OptionMap optionMap = ConnectorResource.getFullOptions(context, fullModel);
final ServiceTarget target = context.getServiceTarget();
Oops, something went wrong.

0 comments on commit 753ad37

Please sign in to comment.