org.wildfly.swarm.config.security.SecurityDomain Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of config-api Show documentation
There is a newer version: 2.7.0
package org.wildfly.swarm.config.security;

import org.wildfly.swarm.config.runtime.AttributeDocumentation;
import org.wildfly.swarm.config.runtime.ResourceDocumentation;
import org.wildfly.swarm.config.runtime.SingletonResource;
import org.wildfly.swarm.config.runtime.Address;
import org.wildfly.swarm.config.runtime.ResourceType;
import java.beans.PropertyChangeSupport;
import java.beans.PropertyChangeListener;
import java.util.List;
import org.wildfly.swarm.config.runtime.Subresource;
import org.wildfly.swarm.config.security.security_domain.ClassicJSSE;
import org.wildfly.swarm.config.security.security_domain.ClassicJSSEConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicJSSESupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthorization;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthorizationConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthorizationSupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicAudit;
import org.wildfly.swarm.config.security.security_domain.ClassicAuditConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicAuditSupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicACL;
import org.wildfly.swarm.config.security.security_domain.ClassicACLConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicACLSupplier;
import org.wildfly.swarm.config.security.security_domain.JaspiAuthentication;
import org.wildfly.swarm.config.security.security_domain.JaspiAuthenticationConsumer;
import org.wildfly.swarm.config.security.security_domain.JaspiAuthenticationSupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicMapping;
import org.wildfly.swarm.config.security.security_domain.ClassicMappingConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicMappingSupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicIdentityTrust;
import org.wildfly.swarm.config.security.security_domain.ClassicIdentityTrustConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicIdentityTrustSupplier;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthentication;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthenticationConsumer;
import org.wildfly.swarm.config.security.security_domain.ClassicAuthenticationSupplier;
import org.wildfly.swarm.config.runtime.ModelNodeBinding;
import java.util.Arrays;

/**
 * Configures a security domain. Authentication, authorization, ACL, mapping,
 * auditing and identity trust are configured here.
 */
@Address("/subsystem=security/security-domain=*")
@ResourceType("security-domain")
public class SecurityDomain>
		implements
			org.wildfly.swarm.config.runtime.Keyed {

	private String key;
	private PropertyChangeSupport pcs;
	private SecurityDomainResources subresources = new SecurityDomainResources();
	@AttributeDocumentation("Adds a cache to speed up authentication checks. Allowed values are 'default' to use simple map as the cache and 'infinispan' to use an Infinispan cache.")
	private CacheType cacheType;

	public SecurityDomain(java.lang.String key) {
		super();
		this.key = key;
	}

	public String getKey() {
		return this.key;
	}

	/**
	 * Adds a property change listener
	 */
	public void addPropertyChangeListener(PropertyChangeListener listener) {
		if (null == this.pcs)
			this.pcs = new PropertyChangeSupport(this);
		this.pcs.addPropertyChangeListener(listener);
	}

	/**
	 * Removes a property change listener
	 */
	public void removePropertyChangeListener(
			java.beans.PropertyChangeListener listener) {
		if (this.pcs != null)
			this.pcs.removePropertyChangeListener(listener);
	}

	public SecurityDomainResources subresources() {
		return this.subresources;
	}

	/**
	 * JSSE configuration. Configures attributes for keystores that can be used
	 * for setting up SSL.
	 */
	@SuppressWarnings("unchecked")
	public T classicJsse(ClassicJSSE value) {
		this.subresources.classicJsse = value;
		return (T) this;
	}

	/**
	 * JSSE configuration. Configures attributes for keystores that can be used
	 * for setting up SSL.
	 */
	@SuppressWarnings("unchecked")
	public T classicJsse(ClassicJSSEConsumer consumer) {
		ClassicJSSE child = new ClassicJSSE<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicJsse = child;
		return (T) this;
	}

	/**
	 * JSSE configuration. Configures attributes for keystores that can be used
	 * for setting up SSL.
	 */
	@SuppressWarnings("unchecked")
	public T classicJsse() {
		ClassicJSSE child = new ClassicJSSE<>();
		this.subresources.classicJsse = child;
		return (T) this;
	}

	/**
	 * JSSE configuration. Configures attributes for keystores that can be used
	 * for setting up SSL.
	 */
	@SuppressWarnings("unchecked")
	public T classicJsse(ClassicJSSESupplier supplier) {
		this.subresources.classicJsse = supplier.get();
		return (T) this;
	}

	/**
	 * Authorization configuration. Configures a list of authorization policy
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthorization(ClassicAuthorization value) {
		this.subresources.classicAuthorization = value;
		return (T) this;
	}

	/**
	 * Authorization configuration. Configures a list of authorization policy
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthorization(ClassicAuthorizationConsumer consumer) {
		ClassicAuthorization child = new ClassicAuthorization<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicAuthorization = child;
		return (T) this;
	}

	/**
	 * Authorization configuration. Configures a list of authorization policy
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthorization() {
		ClassicAuthorization child = new ClassicAuthorization<>();
		this.subresources.classicAuthorization = child;
		return (T) this;
	}

	/**
	 * Authorization configuration. Configures a list of authorization policy
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthorization(ClassicAuthorizationSupplier supplier) {
		this.subresources.classicAuthorization = supplier.get();
		return (T) this;
	}

	/**
	 * Auditing configuration. Configures a list of provider modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAudit(ClassicAudit value) {
		this.subresources.classicAudit = value;
		return (T) this;
	}

	/**
	 * Auditing configuration. Configures a list of provider modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAudit(ClassicAuditConsumer consumer) {
		ClassicAudit child = new ClassicAudit<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicAudit = child;
		return (T) this;
	}

	/**
	 * Auditing configuration. Configures a list of provider modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAudit() {
		ClassicAudit child = new ClassicAudit<>();
		this.subresources.classicAudit = child;
		return (T) this;
	}

	/**
	 * Auditing configuration. Configures a list of provider modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAudit(ClassicAuditSupplier supplier) {
		this.subresources.classicAudit = supplier.get();
		return (T) this;
	}

	/**
	 * Access control list configuration. Configures a list of ACL modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAcl(ClassicACL value) {
		this.subresources.classicAcl = value;
		return (T) this;
	}

	/**
	 * Access control list configuration. Configures a list of ACL modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAcl(ClassicACLConsumer consumer) {
		ClassicACL child = new ClassicACL<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicAcl = child;
		return (T) this;
	}

	/**
	 * Access control list configuration. Configures a list of ACL modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAcl() {
		ClassicACL child = new ClassicACL<>();
		this.subresources.classicAcl = child;
		return (T) this;
	}

	/**
	 * Access control list configuration. Configures a list of ACL modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAcl(ClassicACLSupplier supplier) {
		this.subresources.classicAcl = supplier.get();
		return (T) this;
	}

	/**
	 * JASPI authentication configuration.
	 */
	@SuppressWarnings("unchecked")
	public T jaspiAuthentication(JaspiAuthentication value) {
		this.subresources.jaspiAuthentication = value;
		return (T) this;
	}

	/**
	 * JASPI authentication configuration.
	 */
	@SuppressWarnings("unchecked")
	public T jaspiAuthentication(JaspiAuthenticationConsumer consumer) {
		JaspiAuthentication child = new JaspiAuthentication<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.jaspiAuthentication = child;
		return (T) this;
	}

	/**
	 * JASPI authentication configuration.
	 */
	@SuppressWarnings("unchecked")
	public T jaspiAuthentication() {
		JaspiAuthentication child = new JaspiAuthentication<>();
		this.subresources.jaspiAuthentication = child;
		return (T) this;
	}

	/**
	 * JASPI authentication configuration.
	 */
	@SuppressWarnings("unchecked")
	public T jaspiAuthentication(JaspiAuthenticationSupplier supplier) {
		this.subresources.jaspiAuthentication = supplier.get();
		return (T) this;
	}

	/**
	 * Mapping configuration. Configures a list of mapping modules to be used
	 * for principal, role, attribute and credential mapping.
	 */
	@SuppressWarnings("unchecked")
	public T classicMapping(ClassicMapping value) {
		this.subresources.classicMapping = value;
		return (T) this;
	}

	/**
	 * Mapping configuration. Configures a list of mapping modules to be used
	 * for principal, role, attribute and credential mapping.
	 */
	@SuppressWarnings("unchecked")
	public T classicMapping(ClassicMappingConsumer consumer) {
		ClassicMapping child = new ClassicMapping<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicMapping = child;
		return (T) this;
	}

	/**
	 * Mapping configuration. Configures a list of mapping modules to be used
	 * for principal, role, attribute and credential mapping.
	 */
	@SuppressWarnings("unchecked")
	public T classicMapping() {
		ClassicMapping child = new ClassicMapping<>();
		this.subresources.classicMapping = child;
		return (T) this;
	}

	/**
	 * Mapping configuration. Configures a list of mapping modules to be used
	 * for principal, role, attribute and credential mapping.
	 */
	@SuppressWarnings("unchecked")
	public T classicMapping(ClassicMappingSupplier supplier) {
		this.subresources.classicMapping = supplier.get();
		return (T) this;
	}

	/**
	 * Identity trust configuration. Configures a list of trust modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicIdentityTrust(ClassicIdentityTrust value) {
		this.subresources.classicIdentityTrust = value;
		return (T) this;
	}

	/**
	 * Identity trust configuration. Configures a list of trust modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicIdentityTrust(ClassicIdentityTrustConsumer consumer) {
		ClassicIdentityTrust child = new ClassicIdentityTrust<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicIdentityTrust = child;
		return (T) this;
	}

	/**
	 * Identity trust configuration. Configures a list of trust modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicIdentityTrust() {
		ClassicIdentityTrust child = new ClassicIdentityTrust<>();
		this.subresources.classicIdentityTrust = child;
		return (T) this;
	}

	/**
	 * Identity trust configuration. Configures a list of trust modules to be
	 * used.
	 */
	@SuppressWarnings("unchecked")
	public T classicIdentityTrust(ClassicIdentityTrustSupplier supplier) {
		this.subresources.classicIdentityTrust = supplier.get();
		return (T) this;
	}

	/**
	 * Traditional authentication configuration. Configures a list of login
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthentication(ClassicAuthentication value) {
		this.subresources.classicAuthentication = value;
		return (T) this;
	}

	/**
	 * Traditional authentication configuration. Configures a list of login
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthentication(ClassicAuthenticationConsumer consumer) {
		ClassicAuthentication child = new ClassicAuthentication<>();
		if (consumer != null) {
			consumer.accept(child);
		}
		this.subresources.classicAuthentication = child;
		return (T) this;
	}

	/**
	 * Traditional authentication configuration. Configures a list of login
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthentication() {
		ClassicAuthentication child = new ClassicAuthentication<>();
		this.subresources.classicAuthentication = child;
		return (T) this;
	}

	/**
	 * Traditional authentication configuration. Configures a list of login
	 * modules to be used.
	 */
	@SuppressWarnings("unchecked")
	public T classicAuthentication(ClassicAuthenticationSupplier supplier) {
		this.subresources.classicAuthentication = supplier.get();
		return (T) this;
	}

	/**
	 * Child mutators for SecurityDomain
	 */
	public static class SecurityDomainResources {
		@SingletonResource
		@ResourceDocumentation("JSSE configuration. Configures attributes for keystores that can be used for setting up SSL.")
		private ClassicJSSE classicJsse;
		@SingletonResource
		@ResourceDocumentation("Authorization configuration. Configures a list of authorization policy modules to be used.")
		private ClassicAuthorization classicAuthorization;
		@SingletonResource
		@ResourceDocumentation("Auditing configuration. Configures a list of provider modules to be used.")
		private ClassicAudit classicAudit;
		@SingletonResource
		@ResourceDocumentation("Access control list configuration. Configures a list of ACL modules to be used.")
		private ClassicACL classicAcl;
		@SingletonResource
		@ResourceDocumentation("JASPI authentication configuration.")
		private JaspiAuthentication jaspiAuthentication;
		@SingletonResource
		@ResourceDocumentation("Mapping configuration. Configures a list of mapping modules to be used for principal, role, attribute and credential mapping.")
		private ClassicMapping classicMapping;
		@SingletonResource
		@ResourceDocumentation("Identity trust configuration. Configures a list of trust modules to be used.")
		private ClassicIdentityTrust classicIdentityTrust;
		@SingletonResource
		@ResourceDocumentation("Traditional authentication configuration.  Configures a list of login modules to be used.")
		private ClassicAuthentication classicAuthentication;

		/**
		 * JSSE configuration. Configures attributes for keystores that can be
		 * used for setting up SSL.
		 */
		@Subresource
		public ClassicJSSE classicJsse() {
			return this.classicJsse;
		}

		/**
		 * Authorization configuration. Configures a list of authorization
		 * policy modules to be used.
		 */
		@Subresource
		public ClassicAuthorization classicAuthorization() {
			return this.classicAuthorization;
		}

		/**
		 * Auditing configuration. Configures a list of provider modules to be
		 * used.
		 */
		@Subresource
		public ClassicAudit classicAudit() {
			return this.classicAudit;
		}

		/**
		 * Access control list configuration. Configures a list of ACL modules
		 * to be used.
		 */
		@Subresource
		public ClassicACL classicAcl() {
			return this.classicAcl;
		}

		/**
		 * JASPI authentication configuration.
		 */
		@Subresource
		public JaspiAuthentication jaspiAuthentication() {
			return this.jaspiAuthentication;
		}

		/**
		 * Mapping configuration. Configures a list of mapping modules to be
		 * used for principal, role, attribute and credential mapping.
		 */
		@Subresource
		public ClassicMapping classicMapping() {
			return this.classicMapping;
		}

		/**
		 * Identity trust configuration. Configures a list of trust modules to
		 * be used.
		 */
		@Subresource
		public ClassicIdentityTrust classicIdentityTrust() {
			return this.classicIdentityTrust;
		}

		/**
		 * Traditional authentication configuration. Configures a list of login
		 * modules to be used.
		 */
		@Subresource
		public ClassicAuthentication classicAuthentication() {
			return this.classicAuthentication;
		}
	}

	public static enum CacheType {
		DEFAULT("default"), INFINISPAN("infinispan");
		private final String allowedValue;

		/**
		 * Returns the allowed value for the management model.
		 * 
		 * @return the allowed model value
		 */
		public String getAllowedValue() {
			return allowedValue;
		}

		CacheType(java.lang.String allowedValue) {
			this.allowedValue = allowedValue;
		}

		@Override
		public String toString() {
			return allowedValue;
		}
	}

	/**
	 * Adds a cache to speed up authentication checks. Allowed values are
	 * 'default' to use simple map as the cache and 'infinispan' to use an
	 * Infinispan cache.
	 */
	@ModelNodeBinding(detypedName = "cache-type")
	public CacheType cacheType() {
		return this.cacheType;
	}

	/**
	 * Adds a cache to speed up authentication checks. Allowed values are
	 * 'default' to use simple map as the cache and 'infinispan' to use an
	 * Infinispan cache.
	 */
	@SuppressWarnings("unchecked")
	public T cacheType(CacheType value) {
		Object oldValue = this.cacheType;
		this.cacheType = value;
		if (this.pcs != null)
			this.pcs.firePropertyChange("cacheType", oldValue, value);
		return (T) this;
	}
}