From 5810c59a919f5bd8d776dab73ad2d18695302986 Mon Sep 17 00:00:00 2001 From: dvilkola Date: Tue, 19 Nov 2019 15:29:35 +0100 Subject: [PATCH] [WFCORE-4750] Using regex for role in Elytron --- .../extension/elytron/ElytronDefinition.java | 1 + .../elytron/ElytronDescriptionConstants.java | 2 + .../elytron/ElytronSubsystemTransformers.java | 2 +- .../extension/elytron/MapperParser.java | 7 + .../elytron/RoleMapperDefinitions.java | 56 +++++++ .../_private/ElytronSubsystemMessages.java | 3 + .../elytron/LocalDescriptions.properties | 9 ++ .../resources/schema/wildfly-elytron_9_0.xsd | 34 ++++ .../elytron/RegexRoleMapperTestCase.java | 148 ++++++++++++++++++ .../elytron/SubsystemTransformerTestCase.java | 4 +- .../extension/elytron/compare-mappers.xml | 1 + .../elytron-transformers-4.0-reject.xml | 1 + .../extension/elytron/groups.properties | 4 +- .../elytron/legacy-elytron-subsystem-8.0.xml | 1 + .../org/wildfly/extension/elytron/mappers.xml | 1 + .../extension/elytron/role-mappers-test.xml | 12 ++ .../extension/elytron/users-clear.properties | 3 +- 17 files changed, 285 insertions(+), 4 deletions(-) create mode 100644 elytron/src/test/java/org/wildfly/extension/elytron/RegexRoleMapperTestCase.java diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java index bebc5e69fcb..a04c8a6b7fa 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java @@ -256,6 +256,7 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration resourceRegistration.registerSubModel(new CustomComponentDefinition<>(RoleMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_ROLE_MAPPER, ROLE_MAPPER_RUNTIME_CAPABILITY)); resourceRegistration.registerSubModel(RoleMapperDefinitions.getLogicalRoleMapperDefinition()); resourceRegistration.registerSubModel(RoleMapperDefinitions.getMappedRoleMapperDefinition()); + resourceRegistration.registerSubModel(RoleMapperDefinitions.getRegexRoleMapperDefinition()); // Evidence Decoders resourceRegistration.registerSubModel(EvidenceDecoderDefinitions.getX500SubjectEvidenceDecoderDefinition()); diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java index d728e533316..78c6bd318df 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java @@ -427,7 +427,9 @@ interface ElytronDescriptionConstants { String REFERENCE = "reference"; String REFERRAL_MODE = "referral-mode"; String REGISTER_JASPI_FACTORY = "register-jaspi-factory"; + String REGEX = "regex"; String REGEX_PRINCIPAL_TRANSFORMER = "regex-principal-transformer"; + String REGEX_ROLE_MAPPER = "regex-role-mapper"; String REGEX_VALIDATING_PRINCIPAL_TRANSFORMER = "regex-validating-principal-transformer"; String RELATIVE_TO = "relative-to"; String REMOVE_ALIAS = "remove-alias"; diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java index 9534f57b2cc..cea231755fc 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java @@ -108,7 +108,7 @@ public void registerTransformers(SubsystemTransformerRegistration registration) private static void from9(ChainedTransformationDescriptionBuilder chainedBuilder) { ResourceTransformationDescriptionBuilder builder = chainedBuilder.createBuilder(ELYTRON_9_0_0, ELYTRON_8_0_0); - + builder.rejectChildResource(PathElement.pathElement(ElytronDescriptionConstants.REGEX_ROLE_MAPPER)); } private static void from8(ChainedTransformationDescriptionBuilder chainedBuilder) { diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/MapperParser.java b/elytron/src/main/java/org/wildfly/extension/elytron/MapperParser.java index 13c80f5de97..edf0892a6f7 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/MapperParser.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/MapperParser.java @@ -205,6 +205,12 @@ public void marshallSingleElement(AttributeDefinition attribute, ModelNode prope }) .build(); + private PersistentResourceXMLDescription regexRoleMapperParser = PersistentResourceXMLDescription.builder(RoleMapperDefinitions.getRegexRoleMapperDefinition().getPathElement()) + .addAttribute(RoleMapperDefinitions.REGEX) + .addAttribute(RoleMapperDefinitions.REPLACEMENT) + .addAttribute(RoleMapperDefinitions.KEEP_NON_MAPPED) + .build(); + private PersistentResourceXMLDescription addPrefixRoleMapperParser = PersistentResourceXMLDescription.builder(RoleMapperDefinitions.getAddPrefixRoleMapperDefinition().getPathElement()) .addAttribute(RoleMapperDefinitions.PREFIX) .build(); @@ -380,6 +386,7 @@ public PersistentResourceXMLDescription getParser() { .addChild(x509SubjectAltNameEvidenceDecoder) // new .addChild(getCustomComponentParser(CUSTOM_EVIDENCE_DECODER)) // new .addChild(aggregateEvidenceDecoderParser) // new + .addChild(regexRoleMapperParser) // new .build(); } } diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/RoleMapperDefinitions.java b/elytron/src/main/java/org/wildfly/extension/elytron/RoleMapperDefinitions.java index 9f32945c905..11bf1e7f419 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/RoleMapperDefinitions.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/RoleMapperDefinitions.java @@ -20,6 +20,7 @@ import static org.wildfly.extension.elytron.Capabilities.ROLE_MAPPER_CAPABILITY; import static org.wildfly.extension.elytron.Capabilities.ROLE_MAPPER_RUNTIME_CAPABILITY; import static org.wildfly.extension.elytron.ElytronDefinition.commonDependencies; +import static org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER; import java.util.HashSet; import java.util.LinkedHashMap; @@ -29,6 +30,8 @@ import java.util.Map; import java.util.Set; import java.util.function.BinaryOperator; +import java.util.regex.Pattern; +import java.util.regex.PatternSyntaxException; import org.jboss.as.controller.AbstractAddStepHandler; import org.jboss.as.controller.AbstractWriteAttributeHandler; @@ -47,6 +50,7 @@ import org.jboss.as.controller.capability.RuntimeCapability; import org.jboss.as.controller.descriptions.ModelDescriptionConstants; import org.jboss.as.controller.operations.validation.EnumValidator; +import org.jboss.as.controller.operations.validation.ParameterValidator; import org.jboss.as.controller.registry.ManagementResourceRegistration; import org.jboss.as.controller.registry.OperationEntry; import org.jboss.dmr.ModelNode; @@ -58,6 +62,7 @@ import org.jboss.msc.value.InjectedValue; import org.wildfly.extension.elytron.TrivialService.ValueSupplier; import org.wildfly.security.authz.MappedRoleMapper; +import org.wildfly.security.authz.RegexRoleMapper; import org.wildfly.security.authz.RoleMapper; import org.wildfly.security.authz.Roles; @@ -80,6 +85,19 @@ class RoleMapperDefinitions { .setRestartAllServices() .build(); + static final SimpleAttributeDefinition REGEX = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REGEX, ModelType.STRING, false) + .setAllowExpression(true) + .setMinSize(1) + .setRestartAllServices() + .setValidator(new RegexValidator()) + .build(); + + static final SimpleAttributeDefinition REPLACEMENT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REPLACEMENT, ModelType.STRING, false) + .setAllowExpression(true) + .setMinSize(1) + .setRestartAllServices() + .build(); + static final SimpleAttributeDefinition LEFT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.LEFT, ModelType.STRING, true) .setMinSize(1) .setRestartAllServices() @@ -173,6 +191,44 @@ protected ValueSupplier getValueSupplier(OperationContext context, M return new RoleMapperResourceDefinition(ElytronDescriptionConstants.MAPPED_ROLE_MAPPER, add, ROLE_MAPPING_MAP, KEEP_MAPPED, KEEP_NON_MAPPED); } + static class RegexValidator implements ParameterValidator { + + @Override + public void validateParameter(String parameterName, ModelNode value) throws OperationFailedException { + if (value.isDefined()) { + String regex = value.asString(); + try { + Pattern.compile(regex); // make sure the input is valid regex + } catch (PatternSyntaxException exception) { + throw ROOT_LOGGER.invalidRegex(regex); + } + } + } + } + + static ResourceDefinition getRegexRoleMapperDefinition() { + AbstractAddStepHandler add = new RoleMapperAddHandler(REGEX, REPLACEMENT, KEEP_NON_MAPPED) { + + @Override + protected ValueSupplier getValueSupplier(OperationContext context, ModelNode model) throws OperationFailedException { + final String regex = REGEX.resolveModelAttribute(context, model).asString(); + final String replacement = REPLACEMENT.resolveModelAttribute(context, model).asString(); + final Boolean keepNonMapped = KEEP_NON_MAPPED.resolveModelAttribute(context, model).asBoolean(); + + final RegexRoleMapper roleMapper = RegexRoleMapper.builder() + .setRegex(regex) + .setReplacement(replacement) + .setKeepNonMapped(keepNonMapped) + .build(); + + return () -> roleMapper; + + } + }; + + return new RoleMapperResourceDefinition(ElytronDescriptionConstants.REGEX_ROLE_MAPPER, add, REGEX, REPLACEMENT, KEEP_NON_MAPPED); + } + static AggregateComponentDefinition getAggregateRoleMapperDefinition() { return AGGREGATE_ROLE_MAPPER; } diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java b/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java index fd374cd8a07..84625713c09 100644 --- a/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java +++ b/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java @@ -575,4 +575,7 @@ public interface ElytronSubsystemMessages extends BasicLogger { @Message(id = 1065, value = "Multiple maximum-cert-path definitions found.") OperationFailedException multipleMaximumCertPathDefinitions(); + @Message(id = 1066, value = "Value '%s' is not valid regex.") + OperationFailedException invalidRegex(String regex); + } diff --git a/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties b/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties index f0f7382af05..285d820c91b 100644 --- a/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties +++ b/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties @@ -665,6 +665,15 @@ elytron.mapped-role-mapper.keep-mapped=When set to 'true' the mapped roles will elytron.mapped-role-mapper.keep-non-mapped=When set to 'true' the mapped roles will retain all roles, that have no defined mappings. elytron.mapped-role-mapper.role-map=A string to string list map for mapping roles. +elytron.regex-role-mapper=A RoleMapper definition for a RoleMapper that performs a mapping based on regex and replaces matching roles with replacement pattern. +# Operations +elytron.regex-role-mapper.add=The add operation for the role mapper. +elytron.regex-role-mapper.remove=The remove operation for the role mapper. +# Attributes +elytron.regex-role-mapper.regex=Regex string that will be used for matching. +elytron.regex-role-mapper.replacement=Replacement pattern that will be used when replacing matching roles. +elytron.regex-role-mapper.keep-non-mapped=When set to 'true' the mapped roles will retain all roles, even those that do not match provided regex. + ##################### # Realm Definitions # ##################### diff --git a/elytron/src/main/resources/schema/wildfly-elytron_9_0.xsd b/elytron/src/main/resources/schema/wildfly-elytron_9_0.xsd index cd35512a32b..59b1285c252 100644 --- a/elytron/src/main/resources/schema/wildfly-elytron_9_0.xsd +++ b/elytron/src/main/resources/schema/wildfly-elytron_9_0.xsd @@ -2489,6 +2489,7 @@ + @@ -3513,6 +3514,39 @@ + + + + A RoleMapper definition that uses regex to find matching roles and then replaces these roles with replacement pattern. + + + + + + + + The regex used for matching. + + + + + + + The replacement pattern. + + + + + + + If true, keep those roles that did not match the provided regex. + + + + + + + diff --git a/elytron/src/test/java/org/wildfly/extension/elytron/RegexRoleMapperTestCase.java b/elytron/src/test/java/org/wildfly/extension/elytron/RegexRoleMapperTestCase.java new file mode 100644 index 00000000000..90e73335e1e --- /dev/null +++ b/elytron/src/test/java/org/wildfly/extension/elytron/RegexRoleMapperTestCase.java @@ -0,0 +1,148 @@ +package org.wildfly.extension.elytron; + +import org.jboss.as.controller.client.helpers.ClientConstants; +import org.jboss.as.subsystem.test.AbstractSubsystemBaseTest; +import org.jboss.as.subsystem.test.KernelServices; +import org.jboss.dmr.ModelNode; +import org.jboss.msc.service.ServiceName; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.wildfly.security.auth.server.SecurityDomain; +import org.wildfly.security.auth.server.SecurityIdentity; +import org.wildfly.security.auth.server.ServerAuthenticationContext; +import org.wildfly.security.authz.Roles; + +import java.io.IOException; + +import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.FAILED; +import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OUTCOME; + +public class RegexRoleMapperTestCase extends AbstractSubsystemBaseTest { + private KernelServices services = null; + + public RegexRoleMapperTestCase() { + super(ElytronExtension.SUBSYSTEM_NAME, new ElytronExtension()); + } + + @Override + protected String getSubsystemXml() throws IOException { + return readResource("role-mappers-test.xml"); + } + + private void init(String... domainsToActivate) throws Exception { + services = super.createKernelServicesBuilder(new TestEnvironment()).setSubsystemXmlResource("role-mappers-test.xml").build(); + if (!services.isSuccessfulBoot()) { + Assert.fail(services.getBootError().toString()); + } + TestEnvironment.activateService(services, Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY, "TestDomain5"); + TestEnvironment.activateService(services, Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY, "TestDomain6"); + TestEnvironment.activateService(services, Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY, "TestDomain7"); + } + + @Test + public void testMappedRoleMapper() throws Exception { + init("TestDomain5"); + + ServiceName serviceName = Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName("TestDomain5"); + Assert.assertNotNull(services.getContainer()); + Assert.assertNotNull(services.getContainer().getService(serviceName)); + SecurityDomain domain = (SecurityDomain) services.getContainer().getService(serviceName).getValue(); + Assert.assertNotNull(domain); + + ServerAuthenticationContext context = domain.createNewAuthenticationContext(); + context.setAuthenticationName("user2"); + Assert.assertTrue(context.exists()); + Assert.assertTrue(context.authorize()); + context.succeed(); + SecurityIdentity identity = context.getAuthorizedIdentity(); + + Roles roles = identity.getRoles(); + Assert.assertTrue(roles.contains("application-user")); + Assert.assertFalse(roles.contains("123-user")); + Assert.assertFalse(roles.contains("joe")); + Assert.assertEquals("user2", identity.getPrincipal().getName()); + } + + @Test + public void testMappedRoleMapper2() throws Exception { + init("TestDomain6"); + + ServiceName serviceName = Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName("TestDomain6"); + Assert.assertNotNull(services.getContainer()); + Assert.assertNotNull(services.getContainer().getService(serviceName)); + SecurityDomain domain = (SecurityDomain) services.getContainer().getService(serviceName).getValue(); + Assert.assertNotNull(domain); + + ServerAuthenticationContext context = domain.createNewAuthenticationContext(); + context.setAuthenticationName("user3"); + Assert.assertTrue(context.exists()); + Assert.assertTrue(context.authorize()); + context.succeed(); + SecurityIdentity identity = context.getAuthorizedIdentity(); + + Roles roles = identity.getRoles(); + Assert.assertTrue(roles.contains("admin")); + Assert.assertTrue(roles.contains("user")); + Assert.assertFalse(roles.contains("joe")); + Assert.assertFalse(roles.contains("application-user")); + Assert.assertFalse(roles.contains("123-admin-123")); + Assert.assertFalse(roles.contains("aa-user-aa")); + Assert.assertEquals("user3", identity.getPrincipal().getName()); + } + + @Test + public void testMappedRoleMapper3() throws Exception { + init("TestDomain7"); + + ServiceName serviceName = Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName("TestDomain7"); + Assert.assertNotNull(services.getContainer()); + Assert.assertNotNull(services.getContainer().getService(serviceName)); + SecurityDomain domain = (SecurityDomain) services.getContainer().getService(serviceName).getValue(); + Assert.assertNotNull(domain); + + ServerAuthenticationContext context = domain.createNewAuthenticationContext(); + context.setAuthenticationName("user3"); + Assert.assertTrue(context.exists()); + Assert.assertTrue(context.authorize()); + context.succeed(); + SecurityIdentity identity = context.getAuthorizedIdentity(); + + Roles roles = identity.getRoles(); + Assert.assertTrue(roles.contains("admin")); + Assert.assertTrue(roles.contains("user")); + Assert.assertTrue(roles.contains("joe")); + Assert.assertFalse(roles.contains("application-user")); + Assert.assertFalse(roles.contains("123-admin-123")); + Assert.assertFalse(roles.contains("aa-user-aa")); + Assert.assertEquals("user3", identity.getPrincipal().getName()); + } + + @Test + public void testAddRegexRoleMapperWillFailWithInvalidRegexAttribute() { + ModelNode operation = new ModelNode(); + operation.get(ClientConstants.OP_ADDR).add("subsystem", "elytron").add("regex-role-mapper", "my-regex-role-mapper"); + operation.get(ClientConstants.OP).set(ClientConstants.ADD); + operation.get(ElytronDescriptionConstants.REGEX).set("*-admin"); + operation.get(ElytronDescriptionConstants.REPLACEMENT).set("$1"); + ModelNode response = services.executeOperation(operation); + // operation will fail because regex is not valid (starts with asterisk) + if (! response.get(OUTCOME).asString().equals(FAILED)) { + Assert.fail(response.toJSONString(false)); + } + } + + @Before + public void init() throws Exception { + String subsystemXml; + if (JdkUtils.isIbmJdk()) { + subsystemXml = "tls-ibm.xml"; + } else { + subsystemXml = JdkUtils.getJavaSpecVersion() <= 12 ? "tls-sun.xml" : "tls-oracle13plus.xml"; + } + services = super.createKernelServicesBuilder(new TestEnvironment()).setSubsystemXmlResource(subsystemXml).build(); + if (!services.isSuccessfulBoot()) { + Assert.fail(services.getBootError().toString()); + } + } +} diff --git a/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java b/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java index 4e12290cab1..2a46b2e359b 100644 --- a/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java +++ b/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java @@ -151,7 +151,9 @@ public void testRejectingTransformersEAP720() throws Exception { .addFailedAttribute(SUBSYSTEM_ADDRESS.append(PathElement.pathElement(ElytronDescriptionConstants.TRUST_MANAGER, "TestingTrustManager")), FailedOperationTransformationConfig.REJECTED_RESOURCE) .addFailedAttribute(SUBSYSTEM_ADDRESS.append(PathElement.pathElement(AGGREGATE_REALM, "AggregateTwo")), REJECTED_RESOURCE) - ); + .addFailedAttribute(SUBSYSTEM_ADDRESS.append(PathElement.pathElement(ElytronDescriptionConstants.REGEX_ROLE_MAPPER, "RegexRoleMapper")), + FailedOperationTransformationConfig.REJECTED_RESOURCE + )); } @Test diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/compare-mappers.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/compare-mappers.xml index 1ae0c112ffd..7d3947c2d6a 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/compare-mappers.xml +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/compare-mappers.xml @@ -116,6 +116,7 @@ + diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-4.0-reject.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-4.0-reject.xml index f5065ad4ac8..a6c38238dc3 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-4.0-reject.xml +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-4.0-reject.xml @@ -86,6 +86,7 @@ + diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/groups.properties b/elytron/src/test/resources/org/wildfly/extension/elytron/groups.properties index fcc6e5df3c0..14365a708db 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/groups.properties +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/groups.properties @@ -1 +1,3 @@ -user1=firstGroup,secondGroup \ No newline at end of file +user1=firstGroup,secondGroup +user2=joe,123-user +user3=123-admin-123,joe,aa-user-aa diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/legacy-elytron-subsystem-8.0.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/legacy-elytron-subsystem-8.0.xml index ded9a9edb32..4b545bdcd56 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/legacy-elytron-subsystem-8.0.xml +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/legacy-elytron-subsystem-8.0.xml @@ -191,6 +191,7 @@ + diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/mappers.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/mappers.xml index 190807eb71d..f421346541d 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/mappers.xml +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/mappers.xml @@ -116,6 +116,7 @@ + diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/role-mappers-test.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/role-mappers-test.xml index 71aca40dc81..3e42aa20626 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/role-mappers-test.xml +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/role-mappers-test.xml @@ -16,6 +16,15 @@ + + + + + + + + + @@ -44,6 +53,9 @@ + + + diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/users-clear.properties b/elytron/src/test/resources/org/wildfly/extension/elytron/users-clear.properties index 6291f66299b..a52daecda34 100644 --- a/elytron/src/test/resources/org/wildfly/extension/elytron/users-clear.properties +++ b/elytron/src/test/resources/org/wildfly/extension/elytron/users-clear.properties @@ -2,4 +2,5 @@ firstUser=clearPassword user1=password1 user2=password2 -jsmith@example.redhat.com=clearPassword \ No newline at end of file +user3=password3 +jsmith@example.redhat.com=clearPassword