WFLY-2137 Fix circular dependency between security subsystem, jacorb … #7946

Merged
merged 1 commit into from Aug 19, 2015
Expand Up @@ -69,7 +69,6 @@
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;
import javax.transaction.TransactionManager;

import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
Expand All @@ -84,11 +83,8 @@
import org.jboss.as.security.service.SecurityManagementService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.inject.InjectionException;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.JBossJSSESecurityDomain;
Expand All @@ -111,7 +107,6 @@
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
import org.jboss.security.mapping.MappingType;
import org.jboss.security.mapping.config.MappingModuleEntry;
import org.jboss.security.plugins.TransactionManagerLocator;
import org.wildfly.clustering.infinispan.spi.service.CacheContainerServiceName;

/**
Expand Down Expand Up @@ -160,23 +155,12 @@ public void launchServices(OperationContext context, String securityDomain, Mode
final SecurityDomainService securityDomainService = new SecurityDomainService(securityDomain,
applicationPolicy, jsseSecurityDomain, cacheType);
final ServiceTarget target = context.getServiceTarget();
// some login modules may require the TransactionManager
final Injector<TransactionManager> transactionManagerInjector = new Injector<TransactionManager>() {
public void inject(final TransactionManager value) throws InjectionException {
TransactionManagerLocator.setTransactionManager(value);
}

public void uninject() {
}
};
ServiceBuilder<SecurityDomainContext> builder = target
.addService(SecurityDomainService.SERVICE_NAME.append(securityDomain), securityDomainService)
.addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class,
securityDomainService.getSecurityManagementInjector())
.addDependency(JaasConfigurationService.SERVICE_NAME, Configuration.class,
securityDomainService.getConfigurationInjector())
.addDependency(ServiceBuilder.DependencyType.OPTIONAL, ServiceName.JBOSS.append("txn", "TransactionManager"), TransactionManager.class,
transactionManagerInjector);
securityDomainService.getConfigurationInjector());

if ("infinispan".equals(cacheType)) {
builder.addDependency(CacheContainerServiceName.CACHE_CONTAINER.getServiceName(CACHE_CONTAINER_NAME),
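Review bot: After this change nothing visible in launchServices orders the security domain service relative to the TransactionManager, and the reason is not recorded in the code. Judging by the PR title, the dependency was dropped on purpose to break a service cycle, so a later maintainer could easily re-add it. A short comment above the builder would prevent that, for example `// Deliberately no TransactionManager dependency here (WFLY-2137): TransactionManagerLocatorService populates TransactionManagerLocator instead.` If login modules can run before that service has started, the comment should also say they may see no TransactionManager; this cannot be confirmed from the hunk. launchServices begins and ends outside the hunk.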
Expand Up @@ -22,6 +22,7 @@
package org.jboss.as.security;

import javax.security.auth.login.Configuration;
import javax.transaction.TransactionManager;

import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.OperationContext;
Expand All @@ -35,6 +36,7 @@
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.access.constraint.SensitivityClassification;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.naming.ServiceBasedNamingStore;
import org.jboss.as.naming.deployment.ContextNames;
Expand All @@ -56,7 +58,9 @@
import org.jboss.as.server.moduleservice.ServiceModuleLoader;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.SecurityContextAssociation;
Expand All @@ -75,6 +79,8 @@
*/
public class SecuritySubsystemRootResourceDefinition extends SimpleResourceDefinition {

static final RuntimeCapability<?> SECURITY_SUBSYSTEM = RuntimeCapability.Builder.of("org.wildfly.security").build();

static final SensitiveTargetAccessConstraintDefinition MISC_SECURITY_SENSITIVITY = new SensitiveTargetAccessConstraintDefinition(
new SensitivityClassification(SecurityExtension.SUBSYSTEM_NAME, "misc-security", false, true, true));

Expand All @@ -87,10 +93,12 @@ public class SecuritySubsystemRootResourceDefinition extends SimpleResourceDefin

private SecuritySubsystemRootResourceDefinition() {
super(SecurityExtension.PATH_SUBSYSTEM,
SecurityExtension.getResourceDescriptionResolver(SecurityExtension.SUBSYSTEM_NAME), NewSecuritySubsystemAdd.INSTANCE, ReloadRequiredRemoveStepHandler.INSTANCE);
SecurityExtension.getResourceDescriptionResolver(SecurityExtension.SUBSYSTEM_NAME), NewSecuritySubsystemAdd.INSTANCE, new ReloadRequiredRemoveStepHandler(SECURITY_SUBSYSTEM));
setDeprecated(SecurityExtension.DEPRECATED_SINCE);
}



public void registerAttributes(final ManagementResourceRegistration resourceRegistration) {
resourceRegistration.registerReadWriteAttribute(DEEP_COPY_SUBJECT_MODE, null, new ReloadRequiredWriteAttributeHandler(DEEP_COPY_SUBJECT_MODE));
}
Expand Down Expand Up @@ -119,6 +127,9 @@ static class NewSecuritySubsystemAdd extends AbstractBoottimeAddStepHandler {

public static final OperationStepHandler INSTANCE = new NewSecuritySubsystemAdd();

NewSecuritySubsystemAdd() {
super(SECURITY_SUBSYSTEM);
}

@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
Expand Down Expand Up @@ -171,6 +182,17 @@ protected void performBoottime(OperationContext context, ModelNode operation, Mo
target.addService(JaasConfigurationService.SERVICE_NAME, jaasConfigurationService)
.setInitialMode(ServiceController.Mode.ACTIVE).install();

//setup the transaction manager locator

if(context.hasOptionalCapability("org.wildfly.transactions", SECURITY_SUBSYSTEM.getName(), null)) {
TransactionManagerLocatorService service = new TransactionManagerLocatorService();
target.addService(TransactionManagerLocatorService.SERVICE_NAME, service)
.addDependency( ServiceName.JBOSS.append("txn", "TransactionManager"), TransactionManager.class, service.getTransactionManagerInjectedValue())
.install();
} else {
target.addService(TransactionManagerLocatorService.SERVICE_NAME, Service.NULL).install();
}

//add Simple Security Manager Service
final SimpleSecurityManagerService simpleSecurityManagerService = new SimpleSecurityManagerService();
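Review bot: The capability name in `context.hasOptionalCapability("org.wildfly.transactions", ...)` and the service name `ServiceName.JBOSS.append("txn", "TransactionManager")` are bare literals that must stay in step with the transactions subsystem. A mismatch would fall through to the `Service.NULL` branch without any signal and leave TransactionManagerLocator unset. This module presumably cannot reference TransactionSubsystemRootResourceDefinition directly, so give the literal a name and say what it mirrors, e.g. `private static final String TRANSACTIONS_CAPABILITY = "org.wildfly.transactions"; // must match the transactions subsystem's capability name`. A debug log in the else branch would also make the no-transaction-manager case visible at boot. performBoottime starts and ends outside this hunk.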

@@ -0,0 +1,45 @@
package org.jboss.as.security;

import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.jboss.security.plugins.TransactionManagerLocator;

import javax.transaction.TransactionManager;

/**
* Service that initializes the TransactionManagerLocator.
*
* Note that even if the transaction manager is not present this service will still be installed,
* so services can depend on it without needing to do a check for the capability.
*
* @author Stuart Douglas
*/
public class TransactionManagerLocatorService implements Service<Void> {

public static ServiceName SERVICE_NAME = SecurityExtension.JBOSS_SECURITY.append("transaction-manager-locator");

private final InjectedValue<TransactionManager> transactionManagerInjectedValue = new InjectedValue<>();

@Override
public void start(StartContext startContext) throws StartException {
TransactionManagerLocator.setTransactionManager(transactionManagerInjectedValue.getValue());
}

@Override
public void stop(StopContext stopContext) {
TransactionManagerLocator.setTransactionManager(null);
}

@Override
public Void getValue() throws IllegalStateException, IllegalArgumentException {
return null;
}

public InjectedValue<TransactionManager> getTransactionManagerInjectedValue() {
return transactionManagerInjectedValue;
}
}
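Review bot: `SERVICE_NAME` is declared `public static` without `final`, so any code on the classpath can reassign the name that other services use to look up this service. It should be `public static final ServiceName SERVICE_NAME = SecurityExtension.JBOSS_SECURITY.append("transaction-manager-locator");`. Separately, `start` and `stop` write to the process-wide static TransactionManagerLocator. The class Javadoc should state that this service is the sole owner of that global and that `stop` clears it, so no other component sets it in parallel.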
Expand Up @@ -105,10 +105,9 @@ class TransactionSubsystemAdd extends AbstractBoottimeAddStepHandler {
static final TransactionSubsystemAdd INSTANCE = new TransactionSubsystemAdd();

private TransactionSubsystemAdd() {
//
super(TransactionSubsystemRootResourceDefinition.TRANSACTION_CAPABILITY);
}


@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
populateModelWithRecoveryEnvConfig(operation, model);
Expand Up @@ -34,6 +34,10 @@ class TransactionSubsystemRemove extends ReloadRequiredRemoveStepHandler {

static final TransactionSubsystemRemove INSTANCE = new TransactionSubsystemRemove();

public TransactionSubsystemRemove() {
super(TransactionSubsystemRootResourceDefinition.TRANSACTION_CAPABILITY);
}

/**
* Suppresses removal of the log-store=log-store child, as that remove op handler is a no-op.
*/
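Review bot: The new constructor is declared `public` although the class is package-private and is used through the single `INSTANCE` field. TransactionSubsystemAdd in this same commit keeps its constructor private. Declaring it `private TransactionSubsystemRemove() {` keeps the two handlers consistent and prevents a second handler instance from being created elsewhere in the package.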
Expand Up @@ -39,6 +39,7 @@
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.client.helpers.MeasurementUnit;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.validation.IntRangeValidator;
Expand All @@ -60,6 +61,9 @@
*/
public class TransactionSubsystemRootResourceDefinition extends SimpleResourceDefinition {

public static final RuntimeCapability<Void> TRANSACTION_CAPABILITY = RuntimeCapability.Builder.of("org.wildfly.transactions")
.build();

//recovery environment
public static final SimpleAttributeDefinition BINDING = new SimpleAttributeDefinitionBuilder(CommonAttributes.BINDING, ModelType.STRING, false)
.setValidator(new StringLengthValidator(1))