Merge pull request #8380 from stuartwdouglas/WFLY-5634

WFLY-5634 Allow the default web security domain to be set
wildfly · Nov 6, 2015 · bf847d4 · bf847d4
2 parents 1ab57a3 + 0aa3c82
commit bf847d4
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 6 deletions.
diff --git a/undertow/src/main/java/org/wildfly/extension/undertow/UndertowRootDefinition.java b/undertow/src/main/java/org/wildfly/extension/undertow/UndertowRootDefinition.java
@@ -33,6 +33,7 @@
 import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
 import org.jboss.as.controller.registry.AttributeAccess;
 import org.jboss.dmr.ValueExpression;
+import org.jboss.security.SecurityConstants;
 import org.wildfly.extension.undertow.filters.FilterDefinitions;
 import org.wildfly.extension.undertow.handlers.HandlerDefinitions;
 import org.jboss.dmr.ModelNode;
@@ -68,9 +69,14 @@ class UndertowRootDefinition extends PersistentResourceDefinition {
                         .setAllowExpression(true)
                         .setDefaultValue(new ModelNode(false))
                         .build();
+    protected static final SimpleAttributeDefinition DEFAULT_SECURITY_DOMAIN =
+            new SimpleAttributeDefinitionBuilder("default-security-domain", ModelType.STRING, true)
+                    .setAllowExpression(true)
+                    .setDefaultValue(new ModelNode(SecurityConstants.DEFAULT_APPLICATION_POLICY))
+                    .build();
 
 
-    static final AttributeDefinition[] ATTRIBUTES = {DEFAULT_VIRTUAL_HOST, DEFAULT_SERVLET_CONTAINER, DEFAULT_SERVER, INSTANCE_ID, STATISTICS_ENABLED};
+    static final AttributeDefinition[] ATTRIBUTES = {DEFAULT_VIRTUAL_HOST, DEFAULT_SERVLET_CONTAINER, DEFAULT_SERVER, INSTANCE_ID, STATISTICS_ENABLED, DEFAULT_SECURITY_DOMAIN};
     static final PersistentResourceDefinition[] CHILDREN = {
             BufferCacheDefinition.INSTANCE,
             ServerDefinition.INSTANCE,

diff --git a/undertow/src/main/java/org/wildfly/extension/undertow/UndertowSubsystemAdd.java b/undertow/src/main/java/org/wildfly/extension/undertow/UndertowSubsystemAdd.java
@@ -93,6 +93,7 @@ protected void performBoottime(OperationContext context, ModelNode operation, Re
         final String defaultContainer = UndertowRootDefinition.DEFAULT_SERVLET_CONTAINER.resolveModelAttribute(context, model).asString();
         final String defaultServer = UndertowRootDefinition.DEFAULT_SERVER.resolveModelAttribute(context, model).asString();
         final boolean stats = UndertowRootDefinition.STATISTICS_ENABLED.resolveModelAttribute(context, model).asBoolean();
+        final String defaultSecurityDomain = UndertowRootDefinition.DEFAULT_SECURITY_DOMAIN.resolveModelAttribute(context, model).asString();
 
         final ModelNode instanceIdModel = UndertowRootDefinition.INSTANCE_ID.resolveModelAttribute(context, model);
         final String instanceId = instanceIdModel.isDefined() ? instanceIdModel.asString() : null;
@@ -133,7 +134,7 @@ protected void execute(DeploymentProcessorTarget processorTarget) {
 
                 processorTarget.addDeploymentProcessor(UndertowExtension.SUBSYSTEM_NAME, Phase.INSTALL, Phase.INSTALL_SERVLET_INIT_DEPLOYMENT, new ServletContainerInitializerDeploymentProcessor());
 
-                processorTarget.addDeploymentProcessor(UndertowExtension.SUBSYSTEM_NAME, Phase.INSTALL, Phase.INSTALL_WAR_DEPLOYMENT, new UndertowDeploymentProcessor(defaultVirtualHost, defaultContainer, defaultServer));
+                processorTarget.addDeploymentProcessor(UndertowExtension.SUBSYSTEM_NAME, Phase.INSTALL, Phase.INSTALL_WAR_DEPLOYMENT, new UndertowDeploymentProcessor(defaultVirtualHost, defaultContainer, defaultServer, defaultSecurityDomain));
 
             }
         }, OperationContext.Stage.RUNTIME);

diff --git a/undertow/src/main/java/org/wildfly/extension/undertow/UndertowSubsystemParser_3_0.java b/undertow/src/main/java/org/wildfly/extension/undertow/UndertowSubsystemParser_3_0.java
@@ -55,7 +55,7 @@ public class UndertowSubsystemParser_3_0 extends PersistentResourceXMLParser {
 
     static {
         xmlDescription = builder(UndertowRootDefinition.INSTANCE, Namespace.UNDERTOW_3_0.getUriString())
-                .addAttributes(UndertowRootDefinition.DEFAULT_VIRTUAL_HOST, UndertowRootDefinition.DEFAULT_SERVLET_CONTAINER, UndertowRootDefinition.DEFAULT_SERVER, UndertowRootDefinition.INSTANCE_ID)
+                .addAttributes(UndertowRootDefinition.DEFAULT_VIRTUAL_HOST, UndertowRootDefinition.DEFAULT_SERVLET_CONTAINER, UndertowRootDefinition.DEFAULT_SERVER, UndertowRootDefinition.INSTANCE_ID, UndertowRootDefinition.DEFAULT_SECURITY_DOMAIN)
                 .addAttribute(UndertowRootDefinition.STATISTICS_ENABLED)
                 .addChild(
                         builder(BufferCacheDefinition.INSTANCE)

diff --git a/.../src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java b/.../src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java
@@ -67,7 +67,6 @@
 import org.jboss.msc.service.ValueService;
 import org.jboss.msc.value.ImmediateValue;
 import org.jboss.msc.value.InjectedValue;
-import org.jboss.security.SecurityConstants;
 import org.jboss.security.SecurityUtil;
 import org.jboss.vfs.VirtualFile;
 import org.wildfly.extension.io.IOServices;
@@ -104,9 +103,11 @@ public class UndertowDeploymentProcessor implements DeploymentUnitProcessor {
     private final String defaultServer;
     private final String defaultHost;
     private final String defaultContainer;
+    private final String defaultSecurityDomain;
 
-    public UndertowDeploymentProcessor(String defaultHost, final String defaultContainer, String defaultServer) {
+    public UndertowDeploymentProcessor(String defaultHost, final String defaultContainer, String defaultServer, String defaultSecurityDomain) {
         this.defaultHost = defaultHost;
+        this.defaultSecurityDomain = defaultSecurityDomain;
         if (defaultHost == null) {
             throw UndertowLogger.ROOT_LOGGER.nullDefaultHost();
         }
@@ -224,7 +225,7 @@ private void processDeployment(final WarMetaData warMetaData, final DeploymentUn
 
         final String securityDomain;
         if(securityEnabled) {
-            securityDomain = metaDataSecurityDomain == null ? SecurityConstants.DEFAULT_APPLICATION_POLICY : SecurityUtil
+            securityDomain = metaDataSecurityDomain == null ? defaultSecurityDomain : SecurityUtil
                     .unprefixSecurityDomain(metaDataSecurityDomain);
         } else {
             securityDomain = null;

diff --git a/undertow/src/main/resources/org/wildfly/extension/undertow/LocalDescriptions.properties b/undertow/src/main/resources/org/wildfly/extension/undertow/LocalDescriptions.properties
@@ -29,6 +29,7 @@ undertow.default-servlet-container=The default servlet container to use for depl
 undertow.default-server=The default server to use for deployments
 undertow.instance-id=The cluster instance id
 undertow.statistics-enabled=Configures if are statistics enabled
+undertow.default-security-domain=The default security domain used by web deployments
 undertow.buffer-cache=The buffer cache used to cache static content
 undertow.buffer-cache.add=Adds a buffer cache
 undertow.buffer-cache.remove=Removes a buffer cache

diff --git a/undertow/src/main/resources/schema/wildfly-undertow_3_0.xsd b/undertow/src/main/resources/schema/wildfly-undertow_3_0.xsd
@@ -50,6 +50,7 @@
         <xs:attribute name="default-virtual-host" type="xs:string" default="default-host"/>
         <xs:attribute name="default-servlet-container" type="xs:string" default="default"/>
         <xs:attribute name="instance-id" type="xs:string" use="optional"/>
+        <xs:attribute name="default-security-domain" type="xs:string" use="optional" default="other"/>
         <xs:attribute name="statistics-enabled" type="xs:boolean" default="false">
           <xs:annotation>
             <xs:documentation>Whether statistics are to be gathered for undertow subsystem.</xs:documentation>