diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderAddHandler.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderAddHandler.java
index 2caf552b7b42..c25ebb576c39 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderAddHandler.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderAddHandler.java
@@ -31,6 +31,7 @@
 import org.jboss.as.controller.registry.Resource;
 import org.jboss.as.security.service.SecurityDomainService;
 import org.jboss.dmr.ModelNode;
+import org.jboss.dmr.Property;
 import org.jboss.msc.service.ServiceBuilder;
 import org.jboss.msc.service.ServiceController;
 import org.picketlink.identity.federation.bindings.wildfly.idp.UndertowAttributeManager;
@@ -76,10 +77,18 @@ public void execute(OperationContext context, ModelNode operation) throws Operat
 protected void performRuntime(final OperationContext context, final ModelNode operation, final ModelNode model, final ServiceVerificationHandler verificationHandler, final List> newControllers) throws OperationFailedException {
 PathAddress pathAddress = PathAddress.pathAddress(operation.get(ModelDescriptionConstants.ADDRESS));
 ModelNode identityProviderNode = Resource.Tools.readModel(context.readResource(EMPTY_ADDRESS));
- launchServices(context, identityProviderNode, verificationHandler, newControllers, pathAddress);
+ launchServices(context, identityProviderNode, verificationHandler, newControllers, pathAddress, false);
 }
- static void launchServices(OperationContext context, ModelNode model, ServiceVerificationHandler verificationHandler, List> newControllers, PathAddress pathAddress) throws OperationFailedException {
+ @Override
+ protected void rollbackRuntime(OperationContext context, ModelNode operation, Resource resource) {
+ try {
+ IdentityProviderRemoveHandler.INSTANCE.performRuntime(context, operation, resource.getModel());
+ } catch (OperationFailedException ignore) {
+ }
+ }
+
+ static void launchServices(OperationContext context, ModelNode model, ServiceVerificationHandler verificationHandler, List> newControllers, PathAddress pathAddress, boolean isRestart) throws OperationFailedException {
 String alias = pathAddress.getLastElement().getValue();
 IdentityProviderService service = new IdentityProviderService(toIDPConfig(context, model, alias));
 ServiceBuilder serviceBuilder = context.getServiceTarget().addService(IdentityProviderService.createServiceName(alias), service);
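Review bot: The relocated `rollbackRuntime` still swallows `OperationFailedException` in an empty `catch (OperationFailedException ignore) { }`, so a rollback that fails to remove the identity provider's services leaves no trace for an operator. Since the override is being moved anyway, the catch should record the failure through the subsystem's logger, or at least carry a comment such as `// best effort: the add is already being rolled back` explaining why ignoring it is acceptable. The new `isRestart` parameter is also undocumented; a short Javadoc on `launchServices` stating that `true` additionally re-installs the trust-domain services of this identity provider would save readers from tracing the call sites. The body of `launchServices` continues outside this hunk.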
@@ -105,6 +114,10 @@ static void launchServices(OperationContext context, ModelNode model, ServiceVer
 if (newControllers != null) {
 newControllers.add(controller);
 }
+
+ if (isRestart) {
+ restartTrustDomains(alias, model, context);
+ }
 }
 static IDPConfiguration toIDPConfig(OperationContext context, ModelNode fromModel, String alias) throws OperationFailedException {
@@ -151,7 +164,6 @@ static IDPConfiguration toIDPConfig(OperationContext context, ModelNode fromMode
 String roleGeneratorType;
 if (roleGenerator.isDefined()) {
- //TODO: resolve PLINK-
 ModelNode roleGeneratorValue = roleGenerator.asProperty().getValue();
 ModelNode classNameNode = RoleGeneratorResourceDefinition.CLASS_NAME.resolveModelAttribute(context, roleGeneratorValue);
 ModelNode codeNode = RoleGeneratorResourceDefinition.CODE.resolveModelAttribute(context, roleGeneratorValue);
@@ -194,10 +206,13 @@ static IDPConfiguration toIDPConfig(OperationContext context, ModelNode fromMode
 return idpType;
 }
- @Override protected void rollbackRuntime(OperationContext context, ModelNode operation, Resource resource) {
- try {
- IdentityProviderRemoveHandler.INSTANCE.performRuntime(context, operation, resource.getModel());
- } catch (OperationFailedException ignore) {
+ private static void restartTrustDomains(String identityProviderName, ModelNode modelNode, OperationContext context) {
+ if (modelNode.hasDefined(ModelElement.IDENTITY_PROVIDER_TRUST_DOMAIN.getName())) {
+ for (Property handlerProperty : modelNode.get(ModelElement.IDENTITY_PROVIDER_TRUST_DOMAIN.getName()).asPropertyList()) {
+ String domainName = handlerProperty.getName();
+
+ TrustDomainAddHandler.restartServices(context, identityProviderName , domainName);
+ }
 }
 }
 }
\ No newline at end of file
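Review bot: The trust-domain restart added at the end of `launchServices` cannot report failures, because `restartTrustDomains(alias, model, context)` is not given the `verificationHandler` that `launchServices` already holds, and `TrustDomainAddHandler.restartServices` (later in this commit) re-installs each service with `launchServices(context, identityProviderName, domainName, null, null)`. A trust-domain service that fails to come back after an identity-provider restart would therefore not fail the management operation, and the running IdP could end up with a trust-domain set that differs from the model; presumably these entries decide which domains the IdP will answer, so that drift should be surfaced. Consider threading the handler through, e.g. `restartTrustDomains(alias, model, context, verificationHandler)` with a matching parameter on `restartServices`. Minor: the loop variable `handlerProperty` iterates trust domains rather than handlers, and `identityProviderName , domainName` has a stray space before the comma.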
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigAddStepHandler.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigAddStepHandler.java
index d68aa16715b7..81656d925720 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigAddStepHandler.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigAddStepHandler.java
@@ -75,7 +75,12 @@ public void execute(OperationContext context, ModelNode operation) throws Operat
 @Override
 protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel, ServiceVerificationHandler verificationHandler) throws OperationFailedException {
- IdentityProviderAddHandler.launchServices(context, parentModel, verificationHandler, null, parentAddress);
+ IdentityProviderAddHandler.launchServices(context, parentModel, verificationHandler, null, parentAddress, true);
+ }
+
+ @Override
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel) throws OperationFailedException {
+ IdentityProviderAddHandler.launchServices(context, parentModel, null, null, parentAddress, true);
 }
 @Override
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigRemoveStepHandler.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigRemoveStepHandler.java
index c4bb58f46fc8..3fe6d76237f9 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigRemoveStepHandler.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderConfigRemoveStepHandler.java
@@ -33,9 +33,6 @@ import org.wildfly.extension.picketlink.federation.service.IdentityProviderService; /** - *

This remove handler is used during the removal of all partition-manager child resources. Its purpose is restart the - * identity store services prior to the child removal, so we can stop all store services properly before restarting the parent.

- *
 * @author Pedro Silva
 */
 public class IdentityProviderConfigRemoveStepHandler extends RestartParentResourceRemoveHandler {
@@ -48,7 +45,12 @@ private IdentityProviderConfigRemoveStepHandler() {
 @Override
 protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel, ServiceVerificationHandler verificationHandler) throws OperationFailedException {
- IdentityProviderAddHandler.launchServices(context, parentModel, verificationHandler, null, parentAddress);
+ IdentityProviderAddHandler.launchServices(context, parentModel, verificationHandler, null, parentAddress, true);
+ }
+
+ @Override
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel) throws OperationFailedException {
+ IdentityProviderAddHandler.launchServices(context, parentModel, null, null, parentAddress, true);
 }
 @Override
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderRemoveHandler.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderRemoveHandler.java
index c848406de6b7..dd4d55f76e58 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderRemoveHandler.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderRemoveHandler.java
@@ -53,6 +53,6 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
 @Override
 protected void recoverServices(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
- IdentityProviderAddHandler.launchServices(context, model, null, null, PathAddress.pathAddress(operation.get(ADDRESS)));
+ IdentityProviderAddHandler.launchServices(context, model, null, null, PathAddress.pathAddress(operation.get(ADDRESS)), false);
 }
 }
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderResourceDefinition.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderResourceDefinition.java
index 8bf320483587..49de8c2f22e9 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderResourceDefinition.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderResourceDefinition.java
@@ -22,23 +22,21 @@
 package org.wildfly.extension.picketlink.federation.model.idp;
-import org.jboss.as.controller.AbstractWriteAttributeHandler;
 import org.jboss.as.controller.AttributeDefinition;
 import org.jboss.as.controller.ExtensionContext;
 import org.jboss.as.controller.OperationContext;
 import org.jboss.as.controller.OperationFailedException;
 import org.jboss.as.controller.OperationStepHandler;
 import org.jboss.as.controller.PathAddress;
+import org.jboss.as.controller.RestartParentWriteAttributeHandler;
+import org.jboss.as.controller.ServiceVerificationHandler;
 import org.jboss.as.controller.SimpleAttributeDefinition;
 import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
 import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
-import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
 import org.jboss.as.controller.registry.ManagementResourceRegistration;
-import org.jboss.as.controller.registry.Resource;
 import org.jboss.dmr.ModelNode;
 import org.jboss.dmr.ModelType;
-import org.jboss.msc.service.ServiceController;
-import org.jboss.msc.service.ServiceRegistry;
+import org.jboss.msc.service.ServiceName;
 import org.wildfly.extension.picketlink.common.model.ModelElement;
 import org.wildfly.extension.picketlink.federation.model.AbstractFederationResourceDefinition;
 import org.wildfly.extension.picketlink.federation.model.handlers.HandlerResourceDefinition;
@@ -46,8 +44,6 @@
 import java.util.List;
-import static org.jboss.as.controller.PathAddress.EMPTY_ADDRESS;
-
 /**
 * @author Pedro Silva
 * @since Mar 16, 2012
@@ -122,7 +118,12 @@ public void registerAttributes(ManagementResourceRegistration resourceRegistrati
 @Override
 protected OperationStepHandler createAttributeWriterHandler() {
 List attributes = getAttributes();
- return new AbstractWriteAttributeHandler(attributes.toArray(new AttributeDefinition[attributes.size()])) {
+ return new RestartParentWriteAttributeHandler(ModelElement.IDENTITY_PROVIDER.getName(), attributes.toArray(new AttributeDefinition[attributes.size()])) {
+ @Override
+ protected ServiceName getParentServiceName(PathAddress parentAddress) {
+ return IdentityProviderService.createServiceName(parentAddress.getLastElement().getValue());
+ }
+
 @Override
 public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
 context.addStep(new IdentityProviderValidationStepHandler(), OperationContext.Stage.MODEL);
@@ -130,39 +131,13 @@ public void execute(OperationContext context, ModelNode operation) throws Operat
 }
 @Override
- protected boolean applyUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode resolvedValue, ModelNode currentValue, HandbackHolder handbackHolder) throws OperationFailedException {
- PathAddress pathAddress = PathAddress.pathAddress(operation.get(ModelDescriptionConstants.OP_ADDR));
-
- updateConfiguration(context, pathAddress, false);
-
- return false;
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel) throws OperationFailedException {
+ IdentityProviderAddHandler.launchServices(context, parentModel, null, null, parentAddress, true);
 }
 @Override
- protected void revertUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode valueToRestore, ModelNode valueToRevert, Object handback) throws OperationFailedException {
- PathAddress pathAddress = PathAddress.pathAddress(operation.get(ModelDescriptionConstants.OP_ADDR));
- updateConfiguration(context, pathAddress, true);
- }
-
- private void updateConfiguration(OperationContext context, PathAddress pathAddress, boolean rollback) throws OperationFailedException {
- String alias = pathAddress.getLastElement().getValue();
- ServiceRegistry serviceRegistry = context.getServiceRegistry(false);
- ServiceController serviceController =
- (ServiceController) serviceRegistry.getService(IdentityProviderService.createServiceName(alias));
-
- if (serviceController != null) {
- IdentityProviderService service = serviceController.getValue();
- ModelNode identityProviderNode;
-
- if (!rollback) {
- identityProviderNode = context.readResource(EMPTY_ADDRESS, false).getModel();
- } else {
- Resource rc = context.getOriginalRootResource().navigate(pathAddress);
- identityProviderNode = rc.getModel();
- }
-
- service.setConfiguration(IdentityProviderAddHandler.toIDPConfig(context,
identityProviderNode, alias));
- }
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel, ServiceVerificationHandler verificationHandler) throws OperationFailedException {
+ IdentityProviderAddHandler.launchServices(context, parentModel, null, null, parentAddress, true);
 }
 };
 }
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/TrustDomainAddHandler.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/TrustDomainAddHandler.java
index b207323a103a..c9c6e8caba91 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/TrustDomainAddHandler.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/idp/TrustDomainAddHandler.java
@@ -32,6 +32,7 @@
 import org.jboss.dmr.ModelNode;
 import org.jboss.msc.service.ServiceBuilder;
 import org.jboss.msc.service.ServiceController;
+import org.jboss.msc.service.ServiceName;
 import org.wildfly.extension.picketlink.federation.service.IdentityProviderService;
 import org.wildfly.extension.picketlink.federation.service.TrustDomainService;
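Review bot: The four-argument `recreateParentService` override in the new `RestartParentWriteAttributeHandler` ignores its `verificationHandler` parameter and calls `IdentityProviderAddHandler.launchServices(context, parentModel, null, null, parentAddress, true)`, whereas the same override in `IdentityProviderConfigAddStepHandler` and `IdentityProviderConfigRemoveStepHandler` passes the handler on. With `null` here, a restart triggered by a write-attribute operation presumably installs the identity-provider service without a verification listener, so a service that fails to start would not be reported back to the operation. Pass it through: `IdentityProviderAddHandler.launchServices(context, parentModel, verificationHandler, null, parentAddress, true);`. The `ServiceProviderResourceDefinition` hunk repeats the pattern with `ServiceProviderAddHandler.launchService(context, parentAddress, parentModel, null, null)`, where the fourth argument is presumably the verification handler as well.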
@@ -48,12 +49,17 @@ public class TrustDomainAddHandler extends AbstractAddStepHandler {
 static final TrustDomainAddHandler INSTANCE = new TrustDomainAddHandler();
 static void launchServices(OperationContext context, PathAddress pathAddress, ModelNode model, ServiceVerificationHandler verificationHandler, List> newControllers) throws OperationFailedException {
- String identityProviderAlias = pathAddress.subAddress(0, pathAddress.size() - 1).getLastElement().getValue();
+ String identityProviderName = pathAddress.subAddress(0, pathAddress.size() - 1).getLastElement().getValue();
 String domainName = pathAddress.getLastElement().getValue();
+ launchServices(context, identityProviderName, domainName, verificationHandler, newControllers);
+ }
+
+ static void launchServices(OperationContext context, String identityProviderName, String domainName, ServiceVerificationHandler verificationHandler, List> newControllers) {
 TrustDomainService service = new TrustDomainService(domainName);
- ServiceBuilder serviceBuilder = context.getServiceTarget().addService(TrustDomainService.createServiceName(identityProviderAlias, domainName), service);
+ ServiceName serviceName = TrustDomainService.createServiceName(identityProviderName, domainName);
+ ServiceBuilder serviceBuilder = context.getServiceTarget().addService(serviceName, service);
- serviceBuilder.addDependency(IdentityProviderService.createServiceName(identityProviderAlias), IdentityProviderService.class, service.getIdentityProviderService());
+ serviceBuilder.addDependency(IdentityProviderService.createServiceName(identityProviderName), IdentityProviderService.class, service.getIdentityProviderService());
 if (verificationHandler != null) {
 serviceBuilder.addListener(verificationHandler);
@@ -66,6 +72,14 @@ static void launchServices(OperationContext context, PathAddress pathAddress, Mo
 }
 }
+ static void restartServices(OperationContext context, String identityProviderName, String domainName) {
+ ServiceName serviceName = TrustDomainService.createServiceName(identityProviderName, domainName);
+
+ context.removeService(serviceName);
+
+ launchServices(context, identityProviderName, domainName, null, null);
+ }
+
 @Override
 protected void populateModel(OperationContext context, ModelNode operation, Resource resource) throws OperationFailedException {
 ModelNode model = resource.getModel();
@@ -82,11 +96,4 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
 ServiceVerificationHandler verificationHandler, List> newControllers) throws OperationFailedException {
 launchServices(context, PathAddress.pathAddress(operation.get(ADDRESS)), model, verificationHandler, newControllers);
 }
-
- @Override protected void rollbackRuntime(OperationContext context, ModelNode operation, Resource resource) {
- try {
- TrustDomainRemoveHandler.INSTANCE.performRuntime(context, operation, resource.getModel());
- } catch (OperationFailedException ignore) {
- }
- }
 }
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/sp/ServiceProviderResourceDefinition.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/sp/ServiceProviderResourceDefinition.java
index 583fbc4dd49a..8bfbf1cb7bef 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/sp/ServiceProviderResourceDefinition.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/model/sp/ServiceProviderResourceDefinition.java
@@ -21,23 +21,21 @@
 */
 package org.wildfly.extension.picketlink.federation.model.sp;
-import org.jboss.as.controller.AbstractWriteAttributeHandler;
 import org.jboss.as.controller.AttributeDefinition;
 import org.jboss.as.controller.ExtensionContext;
 import org.jboss.as.controller.OperationContext;
 import org.jboss.as.controller.OperationFailedException;
 import org.jboss.as.controller.OperationStepHandler;
 import org.jboss.as.controller.PathAddress;
+import org.jboss.as.controller.RestartParentWriteAttributeHandler;
+import org.jboss.as.controller.ServiceVerificationHandler;
 import org.jboss.as.controller.SimpleAttributeDefinition;
 import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
 import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
-import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
 import org.jboss.as.controller.registry.ManagementResourceRegistration;
-import org.jboss.as.controller.registry.Resource;
 import org.jboss.dmr.ModelNode;
 import org.jboss.dmr.ModelType;
-import org.jboss.msc.service.ServiceController;
-import org.jboss.msc.service.ServiceRegistry;
+import org.jboss.msc.service.ServiceName;
 import org.wildfly.extension.picketlink.common.model.ModelElement;
 import org.wildfly.extension.picketlink.federation.model.AbstractFederationResourceDefinition;
 import org.wildfly.extension.picketlink.federation.model.handlers.HandlerResourceDefinition;
@@ -115,43 +113,20 @@ public void registerAttributes(ManagementResourceRegistration resourceRegistrati
 @Override
 protected OperationStepHandler createAttributeWriterHandler() {
 List attributes = getAttributes();
- return new AbstractWriteAttributeHandler(attributes.toArray(new AttributeDefinition[attributes.size()])) {
+ return new RestartParentWriteAttributeHandler(ModelElement.SERVICE_PROVIDER.getName(), attributes.toArray(new AttributeDefinition[attributes.size()])) {
 @Override
- protected boolean applyUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode resolvedValue, ModelNode currentValue, HandbackHolder handbackHolder) throws OperationFailedException {
- PathAddress pathAddress = PathAddress.pathAddress(operation.get(ModelDescriptionConstants.OP_ADDR));
-
- updateConfiguration(context, pathAddress, false);
-
- return false;
+ protected ServiceName getParentServiceName(PathAddress parentAddress) {
+ return ServiceProviderService.createServiceName(parentAddress.getLastElement().getValue());
 }
 @Override
- protected void revertUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode valueToRestore, ModelNode valueToRevert, Object handback) throws OperationFailedException {
- PathAddress pathAddress = PathAddress.pathAddress(operation.get(ModelDescriptionConstants.OP_ADDR));
-
- updateConfiguration(context, pathAddress, true);
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel) throws OperationFailedException {
+ ServiceProviderAddHandler.launchService(context, parentAddress, parentModel, null, null);
 }
- private void updateConfiguration(OperationContext context, PathAddress pathAddress, boolean rollback) throws OperationFailedException {
- String alias = pathAddress.getLastElement().getValue();
- ServiceRegistry serviceRegistry = context.getServiceRegistry(false);
- ServiceController serviceController =
-
(ServiceController) serviceRegistry.getService(ServiceProviderService.createServiceName(alias));
-
- if (serviceController != null) {
- ServiceProviderService service = serviceController.getValue();
-
- ModelNode serviceProviderNode;
-
- if (!rollback) {
- serviceProviderNode = context.readResource(PathAddress.EMPTY_ADDRESS, false).getModel();
- } else {
- Resource rc = context.getOriginalRootResource().navigate(pathAddress);
- serviceProviderNode = rc.getModel();
- }
-
- service.setConfiguration(ServiceProviderAddHandler.toSPConfig(context, serviceProviderNode, alias));
- }
+ @Override
+ protected void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel, ServiceVerificationHandler verificationHandler) throws OperationFailedException {
+ ServiceProviderAddHandler.launchService(context, parentAddress, parentModel, null, null);
 }
 };
 }
diff --git a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/service/TrustDomainService.java b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/service/TrustDomainService.java
index f1dc6b307703..28537080f216 100644
--- a/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/service/TrustDomainService.java
+++ b/picketlink/src/main/java/org/wildfly/extension/picketlink/federation/service/TrustDomainService.java
@@ -38,14 +38,13 @@ public class TrustDomainService implements Service {
 private static final String SERVICE_NAME = "TrustDomainService";
 private final String domainName;
 private final InjectedValue identityProviderService = new InjectedValue();
- private final InjectedValue federationService = new InjectedValue();
 public TrustDomainService(String domainName) {
 this.domainName = domainName;
 }
- public static ServiceName createServiceName(final String federationAlias, String domainName) {
- return ServiceName.JBOSS.append(FederationExtension.SUBSYSTEM_NAME, SERVICE_NAME, federationAlias + "." + domainName);
+ public static ServiceName createServiceName(String identityProviderName, String domainName) {
+ return ServiceName.JBOSS.append(FederationExtension.SUBSYSTEM_NAME, SERVICE_NAME, identityProviderName + "." + domainName);
 }
 @Override
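Review bot: `createServiceName` still folds both names into a single service-name segment with `identityProviderName + "." + domainName`, which is ambiguous whenever either value contains a dot, and trust-domain names normally do. If an identity-provider alias may also contain one, an alias `idp.example` with domain `com` and an alias `idp` with domain `example.com` (constructed example) resolve to the same `ServiceName`, so the new `restartServices` could remove or collide with another provider's trust-domain service. Appending the two values as separate segments avoids this: `return ServiceName.JBOSS.append(FederationExtension.SUBSYSTEM_NAME, SERVICE_NAME, identityProviderName, domainName);`. The class body continues outside this hunk.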