[WFLY-11787] Test checks if the identity sets by HttpServletRequest.login() is propagated into the secured EJB. #12131
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| /* | ||
| * JBoss, Home of Professional Open Source. | ||
| * Copyright 2019, Red Hat, Inc., and individual contributors | ||
| * as indicated by the @author tags. See the copyright.txt file in the | ||
| * distribution for a full listing of individual contributors. | ||
| * | ||
| * This is free software; you can redistribute it and/or modify it | ||
| * under the terms of the GNU Lesser General Public License as | ||
| * published by the Free Software Foundation; either version 2.1 of | ||
| * the License, or (at your option) any later version. | ||
| * | ||
| * This software is distributed in the hope that it will be useful, | ||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
| * Lesser General Public License for more details. | ||
| * | ||
| * You should have received a copy of the GNU Lesser General Public | ||
| * License along with this software; if not, write to the Free | ||
| * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA | ||
| * 02110-1301 USA, or see the FSF site: http://www.fsf.org. | ||
| */ | ||
| package org.jboss.as.test.integration.web.security.identity.propagation; | ||
|
|
||
| import org.apache.http.HttpResponse; | ||
| import org.apache.http.auth.AuthScope; | ||
| import org.apache.http.auth.UsernamePasswordCredentials; | ||
| import org.apache.http.client.CredentialsProvider; | ||
| import org.apache.http.client.methods.HttpGet; | ||
| import org.apache.http.impl.client.BasicCredentialsProvider; | ||
| import org.apache.http.impl.client.CloseableHttpClient; | ||
| import org.apache.http.impl.client.HttpClients; | ||
| import org.jboss.arquillian.container.test.api.Deployment; | ||
| import org.jboss.arquillian.container.test.api.RunAsClient; | ||
| import org.jboss.arquillian.junit.Arquillian; | ||
| import org.jboss.arquillian.test.api.ArquillianResource; | ||
| import org.jboss.as.arquillian.api.ServerSetup; | ||
| import org.jboss.as.test.integration.web.security.identity.propagation.deployment.Hello; | ||
| import org.jboss.as.test.integration.web.security.identity.propagation.deployment.HelloBean; | ||
| import org.jboss.as.test.integration.web.security.identity.propagation.deployment.IdentityPropagationServlet; | ||
| import org.jboss.shrinkwrap.api.Archive; | ||
| import org.jboss.shrinkwrap.api.ShrinkWrap; | ||
| import org.jboss.shrinkwrap.api.spec.WebArchive; | ||
| import org.junit.Test; | ||
| import org.junit.runner.RunWith; | ||
|
|
||
| import java.net.URL; | ||
|
|
||
| import static org.junit.Assert.assertEquals; | ||
| import static org.junit.Assert.assertNotNull; | ||
|
|
||
| /** | ||
| * Test configures Elytron to use Identity Propagation. | ||
| * Test deploys application with the secured servlet and checks if the identity sets by | ||
| * HttpServletRequest.login() is propagated into the secured EJB. | ||
| * | ||
| * Test for [ WFLY-11787 ]. | ||
| * | ||
| * @author Daniel Cihak | ||
| */ | ||
| @RunWith(Arquillian.class) | ||
| @ServerSetup(IdentityPropagationServerSetupTask.class) | ||
| @RunAsClient | ||
| public class IdentityPropagationAuthenticationTestCase { | ||
|
|
||
| private static final String DEPLOYMENT = "httpRequestLogin"; | ||
| public static final String USER = "user1"; | ||
| public static final String PASSWORD = "password1"; | ||
|
|
||
| @Deployment(name=DEPLOYMENT) | ||
| public static Archive<?> createDeployment() { | ||
| WebArchive war = ShrinkWrap.create(WebArchive.class, DEPLOYMENT + ".war"); | ||
| war.addClasses(HelloBean.class, Hello.class, IdentityPropagationServlet.class); | ||
| war.addAsWebInfResource(IdentityPropagationAuthenticationTestCase.class.getPackage(), "deployment/web.xml", "web.xml"); | ||
| war.addAsWebInfResource(IdentityPropagationAuthenticationTestCase.class.getPackage(), "deployment/jboss-web.xml", "jboss-web.xml"); | ||
| return war; | ||
| } | ||
|
|
||
| @Test | ||
| public void testIdentityPropagationAuthentication(@ArquillianResource URL url) throws Exception { | ||
| HttpGet httpGet = new HttpGet(url.toExternalForm() + "IdentityPropagationServlet/"); | ||
| HttpResponse response = null; | ||
|
|
||
| CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); | ||
| credentialsProvider.setCredentials(new AuthScope(url.getHost(), url.getPort()), new UsernamePasswordCredentials(USER, PASSWORD)); | ||
| try (CloseableHttpClient httpclient = HttpClients.custom() | ||
| .setDefaultCredentialsProvider(credentialsProvider) | ||
| .build()) { | ||
| response = httpclient.execute(httpGet); | ||
| } | ||
|
|
||
| assertNotNull("Response is 'null', we expected non-null response!", response); | ||
| assertEquals(200, response.getStatusLine().getStatusCode()); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,191 @@ | ||
| /* | ||
| * JBoss, Home of Professional Open Source. | ||
| * Copyright 2019, Red Hat, Inc., and individual contributors | ||
| * as indicated by the @author tags. See the copyright.txt file in the | ||
| * distribution for a full listing of individual contributors. | ||
| * | ||
| * This is free software; you can redistribute it and/or modify it | ||
| * under the terms of the GNU Lesser General Public License as | ||
| * published by the Free Software Foundation; either version 2.1 of | ||
| * the License, or (at your option) any later version. | ||
| * | ||
| * This software is distributed in the hope that it will be useful, | ||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
| * Lesser General Public License for more details. | ||
| * | ||
| * You should have received a copy of the GNU Lesser General Public | ||
| * License along with this software; if not, write to the Free | ||
| * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA | ||
| * 02110-1301 USA, or see the FSF site: http://www.fsf.org. | ||
| */ | ||
| package org.jboss.as.test.integration.web.security.identity.propagation; | ||
|
|
||
| import org.jboss.as.arquillian.container.ManagementClient; | ||
| import org.jboss.as.clustering.controller.Operations; | ||
| import org.jboss.as.controller.client.helpers.ClientConstants; | ||
| import org.jboss.as.test.integration.security.common.CoreUtils; | ||
| import org.jboss.as.test.shared.SnapshotRestoreSetupTask; | ||
| import org.jboss.dmr.ModelNode; | ||
| import org.wildfly.test.security.common.elytron.ElytronDomainSetup; | ||
| import org.wildfly.test.security.common.elytron.ServletElytronDomainSetup; | ||
|
|
||
| import java.io.File; | ||
| import java.util.ArrayList; | ||
| import java.util.List; | ||
|
|
||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ALLOW_RESOURCE_SERVICE_RESTART; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OPERATION_HEADERS; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP_ADDR; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.REMOVE; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ROLLBACK_ON_RUNTIME_FAILURE; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUBSYSTEM; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.UNDEFINE_ATTRIBUTE_OPERATION; | ||
| import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION; | ||
| import static org.jboss.as.test.integration.management.util.ModelUtil.createOpNode; | ||
|
|
||
| /** | ||
| * Server setup task for test IdentityPropagationAuthenticationTestCase. | ||
| * Configures Elytron Identity Propagation. | ||
| */ | ||
| public class IdentityPropagationServerSetupTask extends SnapshotRestoreSetupTask { | ||
|
|
||
| protected String getSecurityDomainName() { | ||
| return "auth-test"; | ||
| } | ||
|
|
||
| protected String getUsersFile() { | ||
| return new File(IdentityPropagationAuthenticationTestCase.class.getResource("users.properties").getFile()).getAbsolutePath(); | ||
| } | ||
|
|
||
| protected String getGroupsFile() { | ||
| return new File(IdentityPropagationAuthenticationTestCase.class.getResource("roles.properties").getFile()).getAbsolutePath(); | ||
| } | ||
|
|
||
| @Override | ||
| public void doSetup(ManagementClient managementClient, String containerId) throws Exception { | ||
| List<ModelNode> operations = new ArrayList<>(); | ||
|
|
||
| // /subsystem=elytron/properties-realm=auth-test-ejb3-UsersRoles:add(users-properties={path=users.properties, plain-text=true},groups-properties={path=roles.properties}) | ||
| // /subsystem=elytron/security-domain=auth-test:add(default-realm=auth-test-ejb3-UsersRoles, realms=[{realm=auth-test-ejb3-UsersRoles}]) | ||
| ElytronDomainSetup elytronDomainSetup = new ElytronDomainSetup(getUsersFile(), getGroupsFile(), getSecurityDomainName()); | ||
| elytronDomainSetup.setup(managementClient, containerId); | ||
|
|
||
| // /subsystem=elytron/http-authentication-factory=auth-test:add(http-server-mechanism-factory=global,security-domain=auth-test,mechanism-configurations=[{mechanism-name=BASIC}]) | ||
| // /subsystem=undertow/application-security-domain=auth-test:add(http-authentication-factory=auth-test) | ||
| ServletElytronDomainSetup servletElytronDomainSetup = new ServletElytronDomainSetup(getSecurityDomainName()); | ||
| servletElytronDomainSetup.setup(managementClient, containerId); | ||
|
|
||
| // /subsystem=elytron/sasl-authentication-factory=auth-test:add(sasl-server-factory=configured,security-domain=auth-test,mechanism-configurations=[{mechanism-name=BASIC}]) | ||
| ModelNode addSaslAuthentication = createOpNode("subsystem=elytron/sasl-authentication-factory=" + getSecurityDomainName(), ADD); | ||
| addSaslAuthentication.get("sasl-server-factory").set("configured"); | ||
| addSaslAuthentication.get("security-domain").set(getSecurityDomainName()); | ||
| addSaslAuthentication.get("mechanism-configurations").get(0).get("mechanism-name").set("PLAIN"); | ||
| operations.add(addSaslAuthentication); | ||
|
|
||
| // /subsystem=remoting/http-connector=http-remoting-connector:write-attribute(name=sasl-authentication-factory, value=auth-test) | ||
| ModelNode updateRemotingConnector = createOpNode("subsystem=remoting/http-connector=http-remoting-connector", WRITE_ATTRIBUTE_OPERATION); | ||
| updateRemotingConnector.get(ClientConstants.NAME).set("sasl-authentication-factory"); | ||
| updateRemotingConnector.get(ClientConstants.VALUE).set(getSecurityDomainName()); | ||
| operations.add(updateRemotingConnector); | ||
| // subsystem=remoting/http-connector=http-remoting-connector:undefine-attribute(name=security-realm) | ||
| ModelNode undefineAttrOp2 = createOpNode("subsystem=remoting/http-connector=http-remoting-connector", UNDEFINE_ATTRIBUTE_OPERATION); | ||
| undefineAttrOp2.get(ClientConstants.NAME).set("security-realm"); | ||
| operations.add(undefineAttrOp2); | ||
|
|
||
| // /subsystem=ejb3/application-security-domain=auth-test:add(security-domain=auth-test) | ||
| ModelNode addEjbDomain = createOpNode("subsystem=ejb3/application-security-domain=" + getSecurityDomainName(), ADD); | ||
| addEjbDomain.get("security-domain").set(getSecurityDomainName()); | ||
| operations.add(addEjbDomain); | ||
| // /subsystem=ejb3:write-attribute(name=default-missing-method-permissions-deny-access, value=false) | ||
| ModelNode updateDefaultMissingMethod = createOpNode("subsystem=ejb3", WRITE_ATTRIBUTE_OPERATION); | ||
| updateDefaultMissingMethod.get(ClientConstants.NAME).set("default-missing-method-permissions-deny-access"); | ||
| updateDefaultMissingMethod.get(ClientConstants.VALUE).set(false); | ||
| operations.add(updateDefaultMissingMethod); | ||
|
|
||
| // core-service=management/management-interface=http-interface:write-attribute(name=http-upgrade,value={enabled=true, sasl-authentication-factory=management-sasl-authentication}) | ||
| ModelNode writeAttrOp4 = createOpNode("core-service=management/management-interface=http-interface", WRITE_ATTRIBUTE_OPERATION); | ||
| writeAttrOp4.get(ClientConstants.NAME).set("http-upgrade"); | ||
| writeAttrOp4.get(ClientConstants.VALUE).add("enabled", true); | ||
| writeAttrOp4.get(ClientConstants.VALUE).add("sasl-authentication-factory", getSecurityDomainName()); | ||
| operations.add(writeAttrOp4); | ||
| // core-service=management/management-interface=http-interface:write-attribute(name=http-authentication-factory,value=management-http-authentication) | ||
| ModelNode writeAttrOp5 = createOpNode("core-service=management/management-interface=http-interface", WRITE_ATTRIBUTE_OPERATION); | ||
| writeAttrOp5.get(ClientConstants.NAME).set("http-authentication-factory"); | ||
| writeAttrOp5.get(ClientConstants.VALUE).set(getSecurityDomainName()); | ||
| operations.add(writeAttrOp5); | ||
| // core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm) | ||
| ModelNode undefineAttrOp3 = createOpNode("core-service=management/management-interface=http-interface", UNDEFINE_ATTRIBUTE_OPERATION); | ||
| undefineAttrOp3.get(ClientConstants.NAME).set("security-realm"); | ||
| operations.add(undefineAttrOp3); | ||
|
|
||
| // /subsystem=elytron/authentication-configuration=forwardit:add(security-domain=ApplicationDomain, sasl-mechanism-selector="#ALL") | ||
| ModelNode addAuthenticationConfiguration = createOpNode("subsystem=elytron/authentication-configuration=forwardit", ADD); | ||
| addAuthenticationConfiguration.get("authentication-name").set("theserver1"); | ||
| addAuthenticationConfiguration.get("security-domain").set("ApplicationDomain"); | ||
| addAuthenticationConfiguration.get("realm").set("ApplicationRealm"); | ||
| addAuthenticationConfiguration.get("forwarding-mode").set("authorization"); | ||
| //addAuthenticationConfiguration.get("sasl-mechanism-selector").set("#ALL"); | ||
| operations.add(addAuthenticationConfiguration); | ||
|
|
||
| // /subsystem=elytron/authentication-context=forwardctx:add(match-rules=[{match-no-user=true, authentication-configuration=forwardit}]) | ||
| ModelNode addAuthenticationContext = createOpNode("subsystem=elytron/authentication-context=forwardctx", ADD); | ||
| addAuthenticationContext.get("match-rules").get(0).get("match-no-user").set(true); | ||
| addAuthenticationContext.get("match-rules").get(0).get("authentication-configuration").set("forwardit"); | ||
| operations.add(addAuthenticationContext); | ||
|
|
||
| // /subsystem=elytron/simple-permission-mapper=default-permission-mapper: | ||
| // write-attribute(name=permission-mappings[1], value={principals=[anonymous], permissions=[ | ||
| // {class-name="org.wildfly.security.auth.permission.RunAsPrincipalPermission",target-name="*"}, | ||
| // {class-name="org.wildfly.security.auth.permission.LoginPermission"} | ||
| // {class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission, module=org.wildfly.extension.batch.jberet, target-name=*}, | ||
| // {class-name=org.wildfly.transaction.client.RemoteTransactionPermission, module=org.wildfly.transaction.client}, | ||
| // {class-name=org.jboss.ejb.client.RemoteEJBPermission, module=org.jboss.ejb-client}]}) | ||
| ModelNode setPermissionMapping1 = createOpNode("subsystem=elytron/simple-permission-mapper=default-permission-mapper", WRITE_ATTRIBUTE_OPERATION); | ||
| setPermissionMapping1.get(ClientConstants.NAME).set("permission-mappings[1]"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("principals").get(0).set("theserver1"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(0).get("class-name").set("org.wildfly.security.auth.permission.RunAsPrincipalPermission"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(0).get("target-name").set("*"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(1).get("class-name").set("org.wildfly.security.auth.permission.LoginPermission"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(2).get("class-name").set("org.wildfly.extension.batch.jberet.deployment.BatchPermission"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(2).get("module").set("org.wildfly.extension.batch.jberet"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(2).get("target-name").set("*"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(3).get("class-name").set("org.wildfly.transaction.client.RemoteTransactionPermission"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(3).get("module").set("org.wildfly.transaction.client"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(4).get("class-name").set("org.jboss.ejb.client.RemoteEJBPermission"); | ||
| setPermissionMapping1.get(ClientConstants.VALUE).get("permissions").get(4).get("module").set("org.jboss.ejb-client"); | ||
| operations.add(setPermissionMapping1); | ||
|
|
||
| // /subsystem=elytron/simple-permission-mapper=default-permission-mapper: | ||
| // write-attribute(name=permission-mappings[2], value={match-all=true, permissions=[ | ||
| // {class-name=org.wildfly.security.auth.permission.LoginPermission}, | ||
| // {class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission, module=org.wildfly.extension.batch.jberet, target-name=*}, | ||
| // {class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client}, | ||
| // {class-name=org.jboss.ejb.client.RemoteEJBPermission, module=org.jboss.ejb-client}]}) | ||
| ModelNode setPermissionMapping2 = createOpNode("subsystem=elytron/simple-permission-mapper=default-permission-mapper", WRITE_ATTRIBUTE_OPERATION); | ||
| setPermissionMapping2.get(ClientConstants.NAME).set("permission-mappings[2]"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("match-all").set(true); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(0).get("class-name").set("org.wildfly.security.auth.permission.LoginPermission"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(1).get("class-name").set("org.wildfly.extension.batch.jberet.deployment.BatchPermission"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(1).get("module").set("org.wildfly.extension.batch.jberet"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(1).get("target-name").set("*"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(2).get("class-name").set("org.wildfly.transaction.client.RemoteTransactionPermission"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(2).get("module").set("org.wildfly.transaction.client"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(3).get("class-name").set("org.jboss.ejb.client.RemoteEJBPermission"); | ||
| setPermissionMapping2.get(ClientConstants.VALUE).get("permissions").get(3).get("module").set("org.jboss.ejb-client"); | ||
| operations.add(setPermissionMapping2); | ||
|
|
||
| ModelNode updateOp = Operations.createCompositeOperation(operations); | ||
| updateOp.get(OPERATION_HEADERS, ROLLBACK_ON_RUNTIME_FAILURE).set(false); | ||
| updateOp.get(OPERATION_HEADERS, ALLOW_RESOURCE_SERVICE_RESTART).set(true); | ||
| CoreUtils.applyUpdate(updateOp, managementClient.getControllerClient()); | ||
|
|
||
| ModelNode removeSecurityOp = new ModelNode(); | ||
| removeSecurityOp.get(OP).set(REMOVE); | ||
| removeSecurityOp.get(OP_ADDR).add(SUBSYSTEM, "security"); | ||
| CoreUtils.applyUpdate(removeSecurityOp, managementClient.getControllerClient()); | ||
| } | ||
|
|
||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| package org.jboss.as.test.integration.web.security.identity.propagation.deployment; | ||
|
|
||
|
|
||
| public interface Hello { | ||
|
|
||
| void call(); | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| package org.jboss.as.test.integration.web.security.identity.propagation.deployment; | ||
|
|
||
|
|
||
| import org.jboss.ejb3.annotation.SecurityDomain; | ||
|
|
||
| import javax.annotation.security.RolesAllowed; | ||
| import javax.ejb.Remote; | ||
| import javax.ejb.Stateless; | ||
|
|
||
| @Stateless(name="Hello") | ||
| @Remote(Hello.class) | ||
| @SecurityDomain("auth-test") | ||
| public class HelloBean implements Hello { | ||
|
|
||
| @RolesAllowed({ "guest" }) | ||
| public void call() { | ||
| } | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Really I think it would be nice to get all of these operations into org.wildfly.test.security.common.AbstractElytronSetupTask to create ConfigurableElement instances so the same resources can be created for further test cases.
That is probably a task outside this PR as it looks like we also need to update AbstractElytronSetupTask to also extend SnapshotRestoreSetupTask or at least make use of that in the tests so the setup tasks can avoid deleting resources.