diff --git a/feature-pack/src/main/resources/feature_groups/elytron-with-tls.xml b/feature-pack/src/main/resources/feature_groups/elytron-with-tls.xml
deleted file mode 100644
index dfc7e07..0000000
--- a/feature-pack/src/main/resources/feature_groups/elytron-with-tls.xml
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/feature-pack/src/main/resources/modules/system/layers/base/org/wildfly/extension/elytron-tls/main/module.xml b/feature-pack/src/main/resources/modules/system/layers/base/org/wildfly/extension/elytron-tls/main/module.xml
index 5115aed..2751183 100644
--- a/feature-pack/src/main/resources/modules/system/layers/base/org/wildfly/extension/elytron-tls/main/module.xml
+++ b/feature-pack/src/main/resources/modules/system/layers/base/org/wildfly/extension/elytron-tls/main/module.xml
@@ -38,6 +38,7 @@
+
\ No newline at end of file
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index c797446..a4ec780 100644
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -88,6 +88,10 @@
wildfly-arquillian-protocol-jmx
test
+
+ org.wildfly.core
+ wildfly-core-test-runner
+
\ No newline at end of file
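Review bot: The added `wildfly-core-test-runner` entry appears to declare no `<scope>` and no `<version>`. The markup is stripped on this page, but only a group id and an artifact id are visible among the four added lines, while the entry above it is followed by `test`. If this block is not covered by a `dependencyManagement` section that already sets both, add `<scope>test</scope>` so the test runner does not end up on a non-test classpath, and pin the version where the other test dependencies are pinned.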
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ModelNodeConvertable.java b/testsuite/integration/subsystem/src/test/java/org/jboss/as/test/shared/CliUtils.java
similarity index 54%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ModelNodeConvertable.java
rename to testsuite/integration/subsystem/src/test/java/org/jboss/as/test/shared/CliUtils.java
index 663bce3..3690729 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ModelNodeConvertable.java
+++ b/testsuite/integration/subsystem/src/test/java/org/jboss/as/test/shared/CliUtils.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2017 Red Hat, Inc.
+ * Copyright 2016 Red Hat, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,17 +14,24 @@
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.jboss.as.test.shared;
-import org.jboss.dmr.ModelNode;
+import static org.wildfly.common.Assert.checkNotNullParamWithNullPointerException;
/**
- * Represents objects which are convertable to ModelNode instances.
+ * CLI helper methods.
*
* @author Josef Cacek
*/
-public interface ModelNodeConvertable {
-
- ModelNode toModelNode();
+public class CliUtils {
+ /**
+ * Escapes given path String for CLI.
+ *
+ * @param path path string to escape (must be not-null
)
+ * @return escaped path
+ */
+ public static String escapePath(String path) {
+ return checkNotNullParamWithNullPointerException("path", path).replace("\\", "\\\\");
+ }
}
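Review bot: `escapePath` only doubles backslashes, but its Javadoc promises a path "escaped for CLI". A double quote or whitespace in the path passes through unchanged, so a caller that places the result inside a quoted CLI attribute can still send a malformed or altered command (callers are not visible in this hunk). I would state the real contract in the Javadoc, for example `Doubles every backslash in the given path; quotes and whitespace are left unchanged, so the caller must quote the value.` The `@param` text is also broken across two lines on this page and should read "must not be null". As a static-only helper, the class would be better declared `public final class CliUtils` with `private CliUtils() {}`.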
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/AbstractConfigurableElement.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/AbstractConfigurableElement.java
deleted file mode 100644
index fe51f83..0000000
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/AbstractConfigurableElement.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright 2017 Red Hat, Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
-
-import static org.wildfly.common.Assert.checkNotNullParamWithNullPointerException;
-
-/**
- * Abstract parent for {@link ConfigurableElement} implementations. It just holds common fields and provides parent for
- * builders.
- *
- * @author Josef Cacek
- */
-public abstract class AbstractConfigurableElement implements ConfigurableElement {
-
- protected final String name;
-
- protected AbstractConfigurableElement(Builder> builder) {
- checkNotNullParamWithNullPointerException("builder", builder);
- this.name = checkNotNullParamWithNullPointerException("builder.name", builder.name);
- }
-
- @Override
- public final String getName() {
- return name;
- }
-
- /**
- * Builder to build {@link AbstractConfigurableElement}.
- */
- public abstract static class Builder> {
- private String name;
-
- protected Builder() {
- }
-
- protected abstract T self();
-
- public final T withName(String name) {
- this.name = name;
- return self();
- }
-
- }
-
-}
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ConfigurableElement.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ConfigurableElement.java
deleted file mode 100644
index 326c606..0000000
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/ConfigurableElement.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2017 Red Hat, Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
-
-import org.jboss.as.controller.client.ModelControllerClient;
-import org.jboss.as.test.integration.management.util.CLIWrapper;
-
-/**
- * Interface representing a configurable object in domain model. The implementation has to override at least one of the
- * {@code create(...)} methods and one of the {@code remove(...)} methods.
- *
- * @author Josef Cacek
- */
-public interface ConfigurableElement {
-
- /**
- * Returns name of this element.
- */
- String getName();
-
- /**
- * Creates this element in domain model and it also may create other resources if needed (e.g. external files).
- * Implementation can choose if controller client is used or provided CLI wrapper.
- */
- void create(ModelControllerClient client, CLIWrapper cli) throws Exception;
-
- /**
- * Reverts the changes introdued by {@code create(...)} method(s).
- */
- void remove(ModelControllerClient client, CLIWrapper cli) throws Exception;
-}
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CredentialReference.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CredentialReference.java
deleted file mode 100644
index b68ad67..0000000
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CredentialReference.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * Copyright 2017 Red Hat, Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
-
-import static org.apache.commons.lang3.StringUtils.isNotBlank;
-import static org.wildfly.test.security.common.ModelNodeUtil.setIfNotNull;
-
-import org.jboss.dmr.ModelNode;
-import org.wildfly.test.security.common.elytron.CliFragment;
-
-/**
- * Helper class for adding "credential-reference" attributes into CLI commands.
- *
- * @author Josef Cacek
- */
-public class CredentialReference implements CliFragment, ModelNodeConvertable {
-
- public static final CredentialReference EMPTY = CredentialReference.builder().build();
-
- private final String store;
- private final String alias;
- private final String type;
- private final String clearText;
-
- private CredentialReference(Builder builder) {
- this.store = builder.store;
- this.alias = builder.alias;
- this.type = builder.type;
- this.clearText = builder.clearText;
- }
-
- @Override
- public String asString() {
- StringBuilder sb = new StringBuilder();
- if (isNotBlank(alias) || isNotBlank(clearText) || isNotBlank(store) || isNotBlank(type)) {
- sb.append("credential-reference={ ");
- if (isNotBlank(alias)) {
- sb.append(String.format("alias=\"%s\", ", alias));
- }
- if (isNotBlank(store)) {
- sb.append(String.format("store=\"%s\", ", store));
- }
- if (isNotBlank(type)) {
- sb.append(String.format("type=\"%s\", ", type));
- }
- if (isNotBlank(clearText)) {
- sb.append(String.format("clear-text=\"%s\"", clearText));
- }
- sb.append("}, ");
- }
- return sb.toString();
- }
-
- @Override
- public ModelNode toModelNode() {
- if (this == EMPTY) {
- return null;
- }
- final ModelNode node= new ModelNode();
- setIfNotNull(node, "store", store);
- setIfNotNull(node, "alias", alias);
- setIfNotNull(node, "type", type);
- setIfNotNull(node, "clear-text", clearText);
- return node;
- }
-
- /**
- * Creates builder to build {@link CredentialReference}.
- *
- * @return created builder
- */
- public static Builder builder() {
- return new Builder();
- }
-
- /**
- * Builder to build {@link CredentialReference}.
- */
- public static final class Builder {
- private String store;
- private String alias;
- private String type;
- private String clearText;
-
- private Builder() {
- }
-
- public Builder withStore(String store) {
- this.store = store;
- return this;
- }
-
- public Builder withAlias(String alias) {
- this.alias = alias;
- return this;
- }
-
- public Builder withType(String type) {
- this.type = type;
- return this;
- }
-
- public Builder withClearText(String clearText) {
- this.clearText = clearText;
- return this;
- }
-
- public CredentialReference build() {
- return new CredentialReference(this);
- }
- }
-}
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/expression/SystemPropertyExpressionTestCase.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/expression/SystemPropertyExpressionTestCase.java
new file mode 100644
index 0000000..4945cc6
--- /dev/null
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/expression/SystemPropertyExpressionTestCase.java
@@ -0,0 +1,248 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2021 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wildfly.test.integration.elytron.tls.subsystem.expression;
+
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ALLOW_RESOURCE_SERVICE_RESTART;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.COMPOSITE;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.CORE_SERVICE;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OPERATION_HEADERS;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OUTCOME;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.PLATFORM_MBEAN;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.RESULT;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.STEPS;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUBSYSTEM;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUCCESS;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SYSTEM_PROPERTY;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.TYPE;
+import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.VALUE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.jboss.as.controller.PathAddress;
+import org.jboss.as.controller.client.ModelControllerClient;
+import org.jboss.as.controller.client.helpers.ClientConstants;
+import org.jboss.as.controller.operations.common.Util;
+import org.jboss.as.test.integration.management.util.ServerReload;
+import org.jboss.as.test.shared.TestSuiteEnvironment;
+import org.jboss.dmr.ModelNode;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.wildfly.core.testrunner.ManagementClient;
+import org.wildfly.core.testrunner.ServerSetup;
+import org.wildfly.core.testrunner.ServerSetupTask;
+import org.wildfly.core.testrunner.UnsuccessfulOperationException;
+import org.wildfly.core.testrunner.WildflyTestRunner;
+import org.wildfly.security.auth.server.IdentityCredentials;
+import org.wildfly.security.credential.PasswordCredential;
+import org.wildfly.security.credential.SecretKeyCredential;
+import org.wildfly.security.credential.store.CredentialStore;
+import org.wildfly.security.credential.store.impl.KeyStoreCredentialStore;
+import org.wildfly.security.encryption.SecretKeyUtil;
+import org.wildfly.security.password.interfaces.ClearPassword;
+
+@RunWith(WildflyTestRunner.class)
+@ServerSetup(SystemPropertyExpressionTestCase.ServerSetup.class)
+public class SystemPropertyExpressionTestCase {
+
+ private static final String CNAME = SystemPropertyExpressionTestCase.class.getSimpleName();
+ private static final String CS_PATH = "target/" + CNAME + ".cs";
+ private static final PathAddress SUBSYSTEM_ADDRESS = PathAddress.pathAddress(SUBSYSTEM, "elytron");
+ private static final PathAddress ENCRYPTION_ADDRESS = SUBSYSTEM_ADDRESS.append("expression", "encryption");
+ private static final String CREDENTIAL_STORE = "credential-store";
+ private static final PathAddress CREDENTIAL_STORE_ADDRESS = SUBSYSTEM_ADDRESS.append(CREDENTIAL_STORE, CNAME);
+ private static final String SECURE_KEY = "RUxZAUsXHVcDh99zAdxGEzTBK1h2qjW+sZg2+37w7ijhDEiJEw==";
+ private static final PathAddress RUNTIME_ADDRESS = PathAddress.pathAddress(CORE_SERVICE, PLATFORM_MBEAN).append(TYPE, "runtime");
+ private static final String PROP = CNAME;
+ private static final String MISSING_PROP = PROP + "-missing";
+
+ private static final String CLEAR_TEXT = "Lorem ipsum dolor sit amet";
+
+ public static final class ServerSetup implements ServerSetupTask {
+ @Override
+ public void setup(ManagementClient managementClient) throws Exception {
+ addCredentialStore(managementClient);
+ managementClient.executeForResult(getAddExpressionEncyryptionOp());
+ }
+
+ @Override
+ public void tearDown(ManagementClient managementClient) throws Exception {
+ try {
+ safeRemoveSystemProperty(managementClient, PROP);
+ safeRemoveSystemProperty(managementClient, MISSING_PROP);
+ removeExpressionEncryption(managementClient.getControllerClient());
+ } finally {
+ removeCredentialStore(managementClient);
+ }
+ }
+
+ private static void addCredentialStore(ManagementClient managementClient) throws GeneralSecurityException, IOException, UnsuccessfulOperationException {
+ cleanCredentialStoreFile();
+ KeyStore ks = KeyStore.getInstance("JCEKS");
+ ks.load(null, null);
+ ks.store(Files.newOutputStream(Paths.get(CS_PATH)), CNAME.toCharArray());
+
+ Map attributes = new HashMap<>();
+ attributes.put("location", CS_PATH);
+ attributes.put("keyStoreType", "JCEKS");
+ attributes.put("modifiable", "true");
+
+ PasswordCredential credential = new PasswordCredential(ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, CNAME.toCharArray()));
+ CredentialStore credentialStore = CredentialStore.getInstance(KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE);
+
+ credentialStore.initialize(attributes,
+ new CredentialStore.CredentialSourceProtectionParameter(IdentityCredentials.NONE.withCredential(credential)));
+ credentialStore.store("securekey", new SecretKeyCredential(SecretKeyUtil.importSecretKey(SECURE_KEY)));
+ credentialStore.flush();
+
+ ModelNode addOp = Util.createAddOperation(CREDENTIAL_STORE_ADDRESS);
+ addOp.get("location").set(CS_PATH);
+ addOp.get("credential-reference", "clear-text").set(CNAME);
+ addOp.get("providers").set("combined-providers");
+ managementClient.executeForResult(addOp);
+ }
+
+ private static void safeRemoveSystemProperty(ManagementClient managementClient, String prop) {
+ try {
+ managementClient.getControllerClient().execute(Util.createRemoveOperation(PathAddress.pathAddress(SYSTEM_PROPERTY, prop)));
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+
+ private static void removeCredentialStore(ManagementClient managementClient) throws UnsuccessfulOperationException {
+ try {
+ ModelNode removeOp = Util.createRemoveOperation(CREDENTIAL_STORE_ADDRESS);
+ managementClient.executeForResult(removeOp);
+ ServerReload.executeReloadAndWaitForCompletion(managementClient.getControllerClient());
+ } finally {
+ cleanCredentialStoreFile();
+ }
+ }
+
+ private static void cleanCredentialStoreFile() {
+ File f = new File(CS_PATH);
+ assert !f.exists() || f.delete();
+ }
+ }
+
+ private static ModelNode getAddExpressionEncyryptionOp() {
+ ModelNode encAdd = Util.createAddOperation(ENCRYPTION_ADDRESS);
+ encAdd.get("default-resolver").set("Default");
+ ModelNode resolvers = encAdd.get("resolvers");
+ ModelNode resolver = new ModelNode();
+ resolver.get("name").set("Default");
+ resolver.get(CREDENTIAL_STORE).set(CNAME);
+ resolver.get("secret-key").set("securekey");
+ resolvers.add(resolver);
+ return encAdd;
+ }
+
+ private static void removeExpressionEncryption(ModelControllerClient modelControllerClient) throws IOException {
+ ModelNode removeOp = Util.createRemoveOperation(ENCRYPTION_ADDRESS);
+ removeOp.get(OPERATION_HEADERS, ALLOW_RESOURCE_SERVICE_RESTART).set(true);
+ assertSuccess(modelControllerClient.execute(removeOp));
+ }
+
+ @Test
+ public void testEncryptedSystemProperties() throws Exception {
+
+ PathAddress propAddress = PathAddress.pathAddress(SYSTEM_PROPERTY, PROP);
+ try (ModelControllerClient client = TestSuiteEnvironment.getModelControllerClient()) {
+
+ assertNull(getSystemProperty(client, PROP));
+ assertNull(getSystemProperty(client, MISSING_PROP));
+
+ ModelNode response = createExpression(client);
+ assertSuccess(response);
+ String expression = response.get(ClientConstants.RESULT).get("expression").asString();
+
+ ModelNode addOp = Util.createAddOperation(propAddress);
+ addOp.get(VALUE).set(expression);
+
+ response = client.execute(addOp);
+ assertSuccess(response);
+
+ assertEquals(CLEAR_TEXT, getSystemProperty(client, PROP));
+
+ removeExpressionEncryption(client);
+
+ // Removing the resolver doesn't affect the system property
+ assertEquals(CLEAR_TEXT, getSystemProperty(client, PROP));
+
+ ModelNode missingAddOp = Util.createAddOperation(PathAddress.pathAddress(SYSTEM_PROPERTY, MISSING_PROP));
+ missingAddOp.get(VALUE).set(expression);
+ // The add should succeed, but the expression would be resolved as if it were a standard expression with a default
+ assertSuccess(client.execute(missingAddOp));
+ assertEquals(expression.substring(expression.indexOf(":Default:"), expression.length() - 1), getSystemProperty(client, MISSING_PROP));
+
+ // Clean up
+ assertSuccess(client.execute(Util.createRemoveOperation(PathAddress.pathAddress(SYSTEM_PROPERTY, MISSING_PROP))));
+ assertNull(getSystemProperty(client, MISSING_PROP));
+
+ // If the prop and the resolver are added in a composite, then proper resolution can occur during op execution
+ ModelNode composite = Util.createEmptyOperation(COMPOSITE, PathAddress.EMPTY_ADDRESS);
+ ModelNode steps = composite.get(STEPS);
+ steps.add(missingAddOp);
+
+ steps.add(getAddExpressionEncyryptionOp());
+
+ assertSuccess(client.execute(composite));
+
+ assertEquals(CLEAR_TEXT, getSystemProperty(client, MISSING_PROP));
+
+ // Test boot behavior. Reload and confirm the property is set.
+ ServerReload.executeReloadAndWaitForCompletion(client);
+
+ assertEquals(CLEAR_TEXT, getSystemProperty(client, PROP));
+
+ }
+ }
+
+ private static ModelNode createExpression(ModelControllerClient client) throws IOException {
+ ModelNode createExpression = Util.createEmptyOperation("create-expression", ENCRYPTION_ADDRESS);
+ createExpression.get("resolver").set("Default");
+ createExpression.get("clear-text").set(CLEAR_TEXT);
+
+ return client.execute(createExpression);
+ }
+
+ private static void assertSuccess(ModelNode response) {
+ if (!response.get(OUTCOME).asString().equals(SUCCESS)) {
+ Assert.fail(response.toJSONString(false));
+ }
+ }
+
+ private static String getSystemProperty(ModelControllerClient client, String property) throws IOException {
+ ModelNode response = client.execute(Util.getReadAttributeOperation(RUNTIME_ADDRESS, "system-properties"));
+ assertSuccess(response);
+ ModelNode val = response.get(RESULT, property);
+ return val.isDefined() ? val.asString() : null;
+ }
+}
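Review bot: `cleanCredentialStoreFile()` performs the delete inside an `assert`, so on a JVM started without `-ea` the credential store file under `target/`, which holds the imported secret key, is never removed, neither before setup nor in the `finally` of `removeCredentialStore`. The delete should be an ordinary statement that fails loudly. In `addCredentialStore` the stream returned by `Files.newOutputStream(...)` and passed to `ks.store` is never closed, which can leave the handle open and make the later delete fail on some platforms; a try-with-resources using the already imported but otherwise unused `FileOutputStream` closes it. Separately, `safeRemoveSystemProperty` prints the stack trace to `System.out` rather than a logger, and the helper name `getAddExpressionEncyryptionOp` has a typo.

```java
// … in addCredentialStore, replacing the ks.store(Files.newOutputStream(...)) line …
try (FileOutputStream out = new FileOutputStream(CS_PATH)) {
    ks.store(out, CNAME.toCharArray());
}
// … unchanged: credential store initialisation and add operation …

private static void cleanCredentialStoreFile() {
    File f = new File(CS_PATH);
    // Kept out of an assert so the delete also runs when assertions are disabled.
    if (f.exists() && !f.delete()) {
        throw new IllegalStateException("Could not delete " + CS_PATH);
    }
}
```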
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/sanity/SubsystemSanityTestCase.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/sanity/ElytronTlsSanityTestCase.java
similarity index 90%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/sanity/SubsystemSanityTestCase.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/sanity/ElytronTlsSanityTestCase.java
index 82ebc79..c12bb23 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/sanity/SubsystemSanityTestCase.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/sanity/ElytronTlsSanityTestCase.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.sanity;
+package org.wildfly.test.integration.elytron.tls.subsystem.sanity;
import javax.inject.Inject;
@@ -33,7 +33,7 @@
* @author Kabir Khan
*/
@RunWith(Arquillian.class)
-public class SubsystemSanityTestCase {
+public class ElytronTlsSanityTestCase {
@Inject
@ExampleQualifier
@@ -43,7 +43,7 @@ public class SubsystemSanityTestCase {
public static WebArchive getDeployment() {
final WebArchive webArchive = ShrinkWrap.create(WebArchive.class, "sanity-test.war")
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml")
- .addPackage(SubsystemSanityTestCase.class.getPackage());
+ .addPackage(ElytronTlsSanityTestCase.class.getPackage());
return webArchive;
}
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java
similarity index 94%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java
index 2e47ca1..7832219 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/OpenSslTlsTestCase.java
@@ -15,7 +15,7 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.tls;
+package org.wildfly.test.integration.elytron.tls.subsystem.tls;
import static org.jboss.as.controller.client.helpers.ClientConstants.CONTENT;
import static org.jboss.as.controller.client.helpers.ClientConstants.DEPLOYMENT;
@@ -74,21 +74,21 @@
import org.wildfly.core.testrunner.ManagementClient;
import org.wildfly.core.testrunner.ServerSetupTask;
import org.wildfly.core.testrunner.WildflyTestRunner;
-import org.wildfly.extension.elytron.ElytronExtension;
+import org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension;
import org.wildfly.openssl.OpenSSLProvider;
import org.wildfly.security.ssl.CipherSuiteSelector;
import org.wildfly.security.ssl.ProtocolSelector;
import org.wildfly.security.ssl.SSLContextBuilder;
import org.wildfly.security.ssl.test.util.CAGenerationTool;
import org.wildfly.security.ssl.test.util.CAGenerationTool.Identity;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.TestRunnerConfigSetupTask;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.CliPath;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.ConfigurableElement;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.SimpleServerSslContext;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.CredentialReference;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.SimpleKeyManager;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.SimpleKeyStore;
-import org.wildfly.test.feature.pack.elytron.tls.subsystem.common.SimpleTrustManager;
+import org.wildfly.test.security.common.TestRunnerConfigSetupTask;
+import org.wildfly.test.security.common.elytron.ConfigurableElement;
+import org.wildfly.test.security.common.elytron.CredentialReference;
+import org.wildfly.test.security.common.elytron.tls.subsystem.SimpleTlsKeyManager;
+import org.wildfly.test.security.common.elytron.tls.subsystem.SimpleTlsKeyStore;
+import org.wildfly.test.security.common.elytron.tls.subsystem.SimpleTlsServerSslContext;
+import org.wildfly.test.security.common.elytron.tls.subsystem.SimpleTlsTrustManager;
+import org.wildfly.test.security.common.elytron.tls.subsystem.CliPath;
import org.wildfly.test.undertow.UndertowSSLService;
import org.wildfly.test.undertow.UndertowSSLServiceActivator;
import org.wildfly.test.undertow.UndertowServiceActivator;
@@ -113,7 +113,7 @@ public class OpenSslTlsTestCase {
private static final String SERVER_TRUST_MANAGER_NAME = "serverTM";
private static final String SERVER_SSL_CONTEXT_NAME = "test-context";
- private static final PathAddress ROOT_ADDRESS = PathAddress.pathAddress(SUBSYSTEM, ElytronExtension.SUBSYSTEM_NAME);
+ private static final PathAddress ROOT_ADDRESS = PathAddress.pathAddress(SUBSYSTEM, ElytronTlsExtension.SUBSYSTEM_NAME);
private static final PathAddress SERVER_SSL_CONTEXT_ADDRESS = ROOT_ADDRESS.append("server-ssl-context", SERVER_SSL_CONTEXT_NAME);
private static final Pattern OPENSSL_TLSv13_PATTERN = Pattern.compile("^(TLS_AES_128_GCM_SHA256|TLS_AES_256_GCM_SHA384|TLS_CHACHA20_POLY1305_SHA256|TLS_AES_128_CCM_SHA256|TLS_AES_128_CCM_8_SHA256)$");
@@ -199,7 +199,7 @@ protected ConfigurableElement[] getConfigurableElements() {
.build();
// KeyStores
- final SimpleKeyStore.Builder ksCommon = SimpleKeyStore.builder()
+ final SimpleTlsKeyStore.Builder ksCommon = SimpleTlsKeyStore.builder()
.withType("JKS")
.withCredentialReference(credentialReference);
elements.add(ksCommon.withName(SERVER_KEY_STORE_NAME)
@@ -214,19 +214,19 @@ protected ConfigurableElement[] getConfigurableElements() {
.build());
// Key and Trust Managers
- elements.add(SimpleKeyManager.builder()
+ elements.add(SimpleTlsKeyManager.builder()
.withName(SERVER_KEY_MANAGER_NAME)
.withCredentialReference(credentialReference)
.withKeyStore(SERVER_KEY_STORE_NAME)
.build());
elements.add(
- SimpleTrustManager.builder()
+ SimpleTlsTrustManager.builder()
.withName(SERVER_TRUST_MANAGER_NAME)
.withKeyStore(SERVER_TRUST_STORE_NAME)
.build());
// SSLContext with OpenSSL provider
- elements.add(SimpleServerSslContext.builder()
+ elements.add(SimpleTlsServerSslContext.builder()
.withName(SERVER_SSL_CONTEXT_NAME)
.withKeyManagers(SERVER_KEY_MANAGER_NAME)
.withTrustManagers(SERVER_TRUST_MANAGER_NAME)
@@ -235,7 +235,7 @@ protected ConfigurableElement[] getConfigurableElements() {
.withCipherSuiteNames("TLS_AES_256_GCM_SHA384:TLS_AES_128_CCM_8_SHA256")
.build());
- return elements.toArray(new ConfigurableElement[elements.size()]);
+ return elements.toArray(new ConfigurableElement[0]);
}
@Override
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/ServerSslSniContextTestCase.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/ServerSslSniContextTestCase.java
new file mode 100644
index 0000000..bf894a1
--- /dev/null
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/integration/elytron/tls/subsystem/tls/ServerSslSniContextTestCase.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2019 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wildfly.test.integration.elytron.tls.subsystem.tls;
+
+import static org.hamcrest.CoreMatchers.containsString;
+
+import org.hamcrest.MatcherAssert;
+import org.jboss.as.test.integration.management.util.CLIWrapper;
+import org.jboss.as.test.integration.management.util.ServerReload;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.wildfly.core.testrunner.ServerSetup;
+import org.wildfly.core.testrunner.WildflyTestRunner;
+
+@Ignore("SNI is not implemented yet")
+@ServerSetup(ServerReload.SetupTask.class)
+@RunWith(WildflyTestRunner.class)
+public class ServerSslSniContextTestCase {
+ CLIWrapper cli;
+
+ @Before
+ public void setup() throws Exception {
+ cli = new CLIWrapper(true);
+ // add server-ssl-sni-context
+ cli.sendLine("/subsystem=elytron-tls/key-store=exampleKeyStore:add(path=server.keystore,relative-to=jboss.server.config.dir,credential-reference={clear-text=\"keystore_password\"},type=JKS)");
+ cli.sendLine("/subsystem=elytron-tls/key-manager=exampleKeyManager:add(key-store=exampleKeyStore,alias-filter=server,credential-reference={clear-text=\"key_password\"})");
+ cli.sendLine("/subsystem=elytron-tls/server-ssl-context=exampleSslContext:add(key-manager=exampleKeyManager)");
+ cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:add(default-ssl-context=exampleSslContext");
+ }
+
+ @After
+ public void cleanup() throws Exception {
+ removeTestResources();
+ cli.close();
+ }
+
+ @Test
+ public void testInvalidHostContextMapValue() {
+ boolean success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"\\\\?.invalid.com\"=exampleSslContext})", true);
+ Assert.assertFalse(success);
+ MatcherAssert.assertThat("Wrong error message", cli.readOutput(), containsString("Invalid value of host context map"));
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"invalid\\\\.\\\\.example.com\"=exampleSslContext})", true);
+ Assert.assertFalse(success);
+ MatcherAssert.assertThat("Wrong error message", cli.readOutput(), containsString("Invalid value of host context map"));
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"*\\.invalid.com\"=exampleSslContext})", true);
+ Assert.assertFalse(success);
+ MatcherAssert.assertThat("Wrong error message", cli.readOutput(), containsString("Invalid value of host context map"));
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"invalid.com-\"=exampleSslContext})", true);
+ Assert.assertFalse(success);
+ MatcherAssert.assertThat("Wrong error message", cli.readOutput(), containsString("Invalid value of host context map"));
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"invalid.com\\\\.\"=exampleSslContext})", true);
+ Assert.assertFalse(success);
+ MatcherAssert.assertThat("Wrong error message", cli.readOutput(), containsString("Invalid value of host context map"));
+ }
+
+ @Test
+ public void testValidHostContextMapValue() {
+ boolean success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"..valid\\\\.example\\\\.com\"=exampleSslContext})", true);
+ Assert.assertTrue(success);
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"valid\\\\.example\\\\.com\"=exampleSslContext})", true);
+ Assert.assertTrue(success);
+ success = cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:write-attribute(name=host-context-map,value={\"[^.]*\\\\.example\\\\.com\"=exampleSslContext})", true);
+ Assert.assertTrue(success);
+ }
+
+ private void removeTestResources() {
+ cli.sendLine("/subsystem=elytron-tls/server-ssl-sni-context=exampleSslSniContext:remove");
+ cli.sendLine("/subsystem=elytron-tls/server-ssl-context=exampleSslContext:remove");
+ cli.sendLine("/subsystem=elytron-tls/key-manager=exampleKeyManager:remove");
+ cli.sendLine("/subsystem=elytron-tls/key-store=exampleKeyStore:remove");
+ }
+}
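Review bot: The last command in `setup()` is missing its closing parenthesis: `...server-ssl-sni-context=exampleSslSniContext:add(default-ssl-context=exampleSslContext` should end with `exampleSslContext)`. The class is `@Ignore`d, so this stays hidden until SNI is implemented, at which point every test would presumably fail in `setup()` instead of exercising host-context-map validation. In `cleanup()`, `cli.close()` is skipped if `removeTestResources()` throws; `try { removeTestResources(); } finally { cli.close(); }` keeps the management connection from leaking. The third invalid-pattern case escapes the dot as `\\.` where the other cases use `\\\\.`, which is worth confirming as intentional.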
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/TestRunnerConfigSetupTask.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/TestRunnerConfigSetupTask.java
similarity index 95%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/TestRunnerConfigSetupTask.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/TestRunnerConfigSetupTask.java
index 6d629cd..92cb327 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/TestRunnerConfigSetupTask.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/TestRunnerConfigSetupTask.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common;
import java.util.Arrays;
import java.util.ListIterator;
@@ -25,6 +25,7 @@
import org.jboss.logging.Logger;
import org.wildfly.core.testrunner.ManagementClient;
import org.wildfly.core.testrunner.ServerSetupTask;
+import org.wildfly.test.security.common.elytron.ConfigurableElement;
/**
* WildFly TestRunner ServerSetupTask version of AbstractConfigSetupTask.
@@ -49,7 +50,7 @@ public void tearDown(final ManagementClient managementClient) throws Exception {
/**
* Creates configuration elements (provided by implementation of {@link #getConfigurableElements()} method) and calls
- * {@link ConfigurableElement#create(ModelControllerClient, CLIWrapper)} for them.
+ * {@link ConfigurableElement#create(CLIWrapper)} for them.
*/
protected void setup(final ModelControllerClient modelControllerClient) throws Exception {
configurableElements = getConfigurableElements();
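Review bot: The updated Javadoc links `ConfigurableElement#create(CLIWrapper)`, but the element classes renamed in this same commit (for example `SimpleTlsKeyManager`) still declare `@Override public void create(ModelControllerClient client, CLIWrapper cli)`. If both refer to the newly imported `org.wildfly.test.security.common.elytron.ConfigurableElement`, one of the two signatures is wrong and the `{@link}` will not resolve; the same applies to the `remove(CLIWrapper)` link in the next hunk. Confirm which version of the interface is on the test classpath and make the Javadoc match it, e.g. `{@link ConfigurableElement#create(ModelControllerClient, CLIWrapper)}` if the two-argument form is the real one. The body of `setup` continues outside the hunk.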
@@ -70,7 +71,7 @@ protected void setup(final ModelControllerClient modelControllerClient) throws E
}
/**
- * Reverts configuration changes done by {@link #setup(ModelControllerClient)} method - i.e. calls {@link ConfigurableElement#remove(ModelControllerClient, CLIWrapper)} method
+ * Reverts configuration changes done by {@link #setup(ModelControllerClient)} method - i.e. calls {@link ConfigurableElement#remove(CLIWrapper)} method
* on instances provided by {@link #getConfigurableElements()} (in reverse order).
*/
protected void tearDown(ModelControllerClient modelControllerClient) throws Exception {
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CliPath.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/CliPath.java
similarity index 97%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CliPath.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/CliPath.java
index 0aeb2ce..e2af5ca 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/CliPath.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/CliPath.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common.elytron.tls.subsystem;
import static org.apache.commons.lang3.StringUtils.isNotBlank;
import static org.jboss.as.test.shared.CliUtils.escapePath;
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyManager.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyManager.java
similarity index 70%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyManager.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyManager.java
index cd3a75b..7d29d52 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyManager.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyManager.java
@@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common.elytron.tls.subsystem;
import static org.apache.commons.lang3.ObjectUtils.defaultIfNull;
import static org.wildfly.common.Assert.checkNotNullParamWithNullPointerException;
@@ -22,18 +22,21 @@
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.test.integration.management.util.CLIWrapper;
+import org.wildfly.test.security.common.elytron.AbstractConfigurableElement;
+import org.wildfly.test.security.common.elytron.CredentialReference;
/**
- * Elytron key-manager configuration implementation.
+ * Elytron TLS key-manager configuration implementation.
*
* @author Josef Cacek
+ * @author Cameron Rodriguez
*/
-public class SimpleKeyManager extends AbstractConfigurableElement {
+public class SimpleTlsKeyManager extends AbstractConfigurableElement {
private final String keyStore;
private final CredentialReference credentialReference;
- private SimpleKeyManager(Builder builder) {
+ private SimpleTlsKeyManager(Builder builder) {
super(builder);
this.keyStore = checkNotNullParamWithNullPointerException("builder.keyStore", builder.keyStore);
this.credentialReference = defaultIfNull(builder.credentialReference, CredentialReference.EMPTY);
@@ -41,19 +44,19 @@ private SimpleKeyManager(Builder builder) {
@Override
public void create(ModelControllerClient client, CLIWrapper cli) throws Exception {
- // /subsystem=elytron/key-manager=httpsKM:add(key-store=httpsKS,algorithm="SunX509",credential-reference={clear-text=secret})
+ // /subsystem=elytron-tls/key-manager=httpsKM:add(key-store=httpsKS,algorithm="SunX509",credential-reference={clear-text=secret})
- cli.sendLine(String.format("/subsystem=elytron/key-manager=%s:add(key-store=\"%s\",algorithm=\"%s\", %s)", name,
+ cli.sendLine(String.format("/subsystem=elytron-tls/key-manager=%s:add(key-store=\"%s\",algorithm=\"%s\", %s)", name,
keyStore, KeyManagerFactory.getDefaultAlgorithm(), credentialReference.asString()));
}
@Override
public void remove(ModelControllerClient client, CLIWrapper cli) throws Exception {
- cli.sendLine(String.format("/subsystem=elytron/key-manager=%s:remove()", name));
+ cli.sendLine(String.format("/subsystem=elytron-tls/key-manager=%s:remove()", name));
}
/**
- * Creates builder to build {@link SimpleKeyManager}.
+ * Creates builder to build {@link SimpleTlsKeyManager}.
*
* @return created builder
*/
@@ -62,7 +65,7 @@ public static Builder builder() {
}
/**
- * Builder to build {@link SimpleKeyManager}.
+ * Builder to build {@link SimpleTlsKeyManager}.
*/
public static final class Builder extends AbstractConfigurableElement.Builder {
private String keyStore;
@@ -81,8 +84,8 @@ public Builder withCredentialReference(CredentialReference credentialReference)
return this;
}
- public SimpleKeyManager build() {
- return new SimpleKeyManager(this);
+ public SimpleTlsKeyManager build() {
+ return new SimpleTlsKeyManager(this);
}
@Override
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyStore.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyStore.java
similarity index 71%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyStore.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyStore.java
index 934ff58..a002974 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleKeyStore.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsKeyStore.java
@@ -13,26 +13,29 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common.elytron.tls.subsystem;
import static org.apache.commons.lang3.ObjectUtils.defaultIfNull;
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.test.integration.management.util.CLIWrapper;
+import org.wildfly.test.security.common.elytron.AbstractConfigurableElement;
+import org.wildfly.test.security.common.elytron.CredentialReference;
/**
- * Elytron key-store configuration implementation.
+ * Elytron TLS key-store configuration implementation.
*
* @author Josef Cacek
+ * @author Cameron Rodriguez
*/
-public class SimpleKeyStore extends AbstractConfigurableElement {
+public class SimpleTlsKeyStore extends AbstractConfigurableElement {
private final CliPath path;
private final CredentialReference credentialReference;
private final String type;
private final boolean required;
- private SimpleKeyStore(Builder builder) {
+ private SimpleTlsKeyStore(Builder builder) {
super(builder);
this.path = defaultIfNull(builder.path, CliPath.EMPTY);
this.credentialReference = defaultIfNull(builder.credentialReference, CredentialReference.EMPTY);
@@ -42,19 +45,19 @@ private SimpleKeyStore(Builder builder) {
@Override
public void create(ModelControllerClient client, CLIWrapper cli) throws Exception {
- // /subsystem=elytron/key-store=httpsKS:add(path=keystore.jks,relative-to=jboss.server.config.dir,
+ // /subsystem=elytron-tls/key-store=httpsKS:add(path=keystore.jks,relative-to=jboss.server.config.dir,
// credential-reference={clear-text=secret},type=JKS,required=false)
- cli.sendLine(String.format("/subsystem=elytron/key-store=%s:add(%s%stype=\"%s\",required=%s)", name, path.asString(),
- credentialReference.asString(), type, Boolean.toString(required)));
+ cli.sendLine(String.format("/subsystem=elytron-tls/key-store=%s:add(%s%stype=\"%s\",required=%s)", name, path.asString(),
+ credentialReference.asString(), type, required));
}
@Override
public void remove(ModelControllerClient client, CLIWrapper cli) throws Exception {
- cli.sendLine(String.format("/subsystem=elytron/key-store=%s:remove()", name));
+ cli.sendLine(String.format("/subsystem=elytron-tls/key-store=%s:remove()", name));
}
/**
- * Creates builder to build {@link SimpleKeyStore}.
+ * Creates builder to build {@link SimpleTlsKeyStore}.
*
* @return created builder
*/
@@ -63,7 +66,7 @@ public static Builder builder() {
}
/**
- * Builder to build {@link SimpleKeyStore}.
+ * Builder to build {@link SimpleTlsKeyStore}.
*/
public static final class Builder extends AbstractConfigurableElement.Builder {
private CliPath path;
@@ -94,8 +97,8 @@ public Builder withRequired(boolean required) {
return this;
}
- public SimpleKeyStore build() {
- return new SimpleKeyStore(this);
+ public SimpleTlsKeyStore build() {
+ return new SimpleTlsKeyStore(this);
}
@Override
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleServerSslContext.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsServerSslContext.java
similarity index 79%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleServerSslContext.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsServerSslContext.java
index 74c98b8..def7934 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleServerSslContext.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsServerSslContext.java
@@ -13,35 +13,35 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common.elytron.tls.subsystem;
import java.util.StringJoiner;
import org.apache.commons.lang3.StringUtils;
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.test.integration.management.util.CLIWrapper;
+import org.wildfly.test.security.common.elytron.AbstractConfigurableElement;
/**
- * Elytron server-ssl-context configuration implementation.
+ * Elytron TLS server-ssl-context configuration implementation.
*
* @author Josef Cacek
+ * @author Cameron Rodriguez
*/
-public class SimpleServerSslContext extends AbstractConfigurableElement {
+public class SimpleTlsServerSslContext extends AbstractConfigurableElement {
private final String keyManager;
private final String trustManager;
- private final String securityDomain;
private final String[] protocols;
private final boolean needClientAuth;
private final Boolean authenticationOptional;
private final String providers;
private final String cipherSuiteNames;
- private SimpleServerSslContext(Builder builder) {
+ private SimpleTlsServerSslContext(Builder builder) {
super(builder);
this.keyManager = builder.keyManager;
this.trustManager = builder.trustManager;
- this.securityDomain = builder.securityDomain;
this.protocols = builder.protocols;
this.needClientAuth = builder.needClientAuth;
this.authenticationOptional = builder.authenticationOptional;
@@ -51,9 +51,9 @@ private SimpleServerSslContext(Builder builder) {
@Override
public void create(ModelControllerClient client, CLIWrapper cli) throws Exception {
- // /subsystem=elytron/server-ssl-context=twoWaySSC:add(key-manager=twoWayKM,protocols=["TLSv1.2"],
+ // /subsystem=elytron-tls/server-ssl-context=twoWaySSC:add(key-manager=twoWayKM,protocols=["TLSv1.2"],
// trust-manager=twoWayTM,security-domain=test,need-client-auth=true)
- StringBuilder sb = new StringBuilder("/subsystem=elytron/server-ssl-context=").append(name).append(":add(");
+ StringBuilder sb = new StringBuilder("/subsystem=elytron-tls/server-ssl-context=").append(name).append(":add(");
if (StringUtils.isNotBlank(keyManager)) {
sb.append("key-manager=\"").append(keyManager).append("\", ");
}
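Review bot: The example command in the comment above the `StringBuilder` still shows `security-domain=test` on its continuation line, although this commit removes the `securityDomain` field and the code that appended it (see the next hunk). Change that line to `// trust-manager=twoWayTM,need-client-auth=true)` so the comment matches what `create` can emit. `create` continues outside the hunk.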
@@ -64,14 +64,11 @@ public void create(ModelControllerClient client, CLIWrapper cli) throws Exceptio
joiner.add(s1);
}
sb.append("protocols=[")
- .append(joiner.toString()).append("], ");
+ .append(joiner).append("], ");
}
if (StringUtils.isNotBlank(trustManager)) {
sb.append("trust-manager=\"").append(trustManager).append("\", ");
}
- if (StringUtils.isNotBlank(securityDomain)) {
- sb.append("security-domain=\"").append(securityDomain).append("\", ");
- }
if (authenticationOptional != null) {
sb.append("authentication-optional=").append(authenticationOptional).append(", ");
}
@@ -87,11 +84,11 @@ public void create(ModelControllerClient client, CLIWrapper cli) throws Exceptio
@Override
public void remove(ModelControllerClient client, CLIWrapper cli) throws Exception {
- cli.sendLine(String.format("/subsystem=elytron/server-ssl-context=%s:remove()", name));
+ cli.sendLine(String.format("/subsystem=elytron-tls/server-ssl-context=%s:remove()", name));
}
/**
- * Creates builder to build {@link SimpleServerSslContext}.
+ * Creates builder to build {@link SimpleTlsServerSslContext}.
*
* @return created builder
*/
@@ -100,12 +97,11 @@ public static Builder builder() {
}
/**
- * Builder to build {@link SimpleServerSslContext}.
+ * Builder to build {@link SimpleTlsServerSslContext}.
*/
public static final class Builder extends AbstractConfigurableElement.Builder {
private String keyManager;
private String trustManager;
- private String securityDomain;
private String[] protocols;
private boolean needClientAuth;
private Boolean authenticationOptional;
@@ -125,11 +121,6 @@ public Builder withTrustManagers(String trustManagers) {
return this;
}
- public Builder withSecurityDomain(String securityDomain) {
- this.securityDomain = securityDomain;
- return this;
- }
-
public Builder withProtocols(String... protocols) {
this.protocols = protocols;
return this;
@@ -155,8 +146,8 @@ public Builder withCipherSuiteNames(String cipherSuiteNames) {
return this;
}
- public SimpleServerSslContext build() {
- return new SimpleServerSslContext(this);
+ public SimpleTlsServerSslContext build() {
+ return new SimpleTlsServerSslContext(this);
}
@Override
diff --git a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleTrustManager.java b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsTrustManager.java
similarity index 66%
rename from testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleTrustManager.java
rename to testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsTrustManager.java
index d101f60..18e6a99 100644
--- a/testsuite/integration/subsystem/src/test/java/org/wildfly/test/feature/pack/elytron/tls/subsystem/common/SimpleTrustManager.java
+++ b/testsuite/integration/subsystem/src/test/java/org/wildfly/test/security/common/elytron/tls/subsystem/SimpleTlsTrustManager.java
@@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.wildfly.test.feature.pack.elytron.tls.subsystem.common;
+package org.wildfly.test.security.common.elytron.tls.subsystem;
import static org.wildfly.common.Assert.checkNotNullParamWithNullPointerException;
@@ -21,36 +21,38 @@
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.test.integration.management.util.CLIWrapper;
+import org.wildfly.test.security.common.elytron.AbstractConfigurableElement;
/**
- * Elytron trust-managers configuration implementation.
+ * Elytron TLS trust-managers configuration implementation.
*
* @author Josef Cacek
+ * @author Cameron Rodriguez
*/
-public class SimpleTrustManager extends AbstractConfigurableElement {
+public class SimpleTlsTrustManager extends AbstractConfigurableElement {
private final String keyStore;
- private SimpleTrustManager(Builder builder) {
+ private SimpleTlsTrustManager(Builder builder) {
super(builder);
this.keyStore = checkNotNullParamWithNullPointerException("builder.keyStore", builder.keyStore);
}
@Override
public void create(ModelControllerClient client, CLIWrapper cli) throws Exception {
- // /subsystem=elytron/trust-manager=twoWayTM:add(key-store=twoWayTS,algorithm="SunX509")
+ // /subsystem=elytron-tls/trust-manager=twoWayTM:add(key-store=twoWayTS,algorithm="SunX509")
- cli.sendLine(String.format("/subsystem=elytron/trust-manager=%s:add(key-store=\"%s\",algorithm=\"%s\")", name,
+ cli.sendLine(String.format("/subsystem=elytron-tls/trust-manager=%s:add(key-store=\"%s\",algorithm=\"%s\")", name,
keyStore, KeyManagerFactory.getDefaultAlgorithm()));
}
@Override
public void remove(ModelControllerClient client, CLIWrapper cli) throws Exception {
- cli.sendLine(String.format("/subsystem=elytron/trust-manager=%s:remove()", name));
+ cli.sendLine(String.format("/subsystem=elytron-tls/trust-manager=%s:remove()", name));
}
/**
- * Creates builder to build {@link SimpleTrustManager}.
+ * Creates builder to build {@link SimpleTlsTrustManager}.
*
* @return created builder
*/
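Review bot: `create` passes `KeyManagerFactory.getDefaultAlgorithm()` as the `algorithm` of a trust-manager resource, whereas the trust-manager default comes from `TrustManagerFactory.getDefaultAlgorithm()`. The two are separate JDK settings that commonly differ (SunX509 versus PKIX on OpenJDK). As written, the tests configure the trust manager with the key-manager algorithm name, so certificate validation in these TLS tests may not go through the validator the server would use by default. Consider `keyStore, TrustManagerFactory.getDefaultAlgorithm()));` together with a `javax.net.ssl.TrustManagerFactory` import (the import block is outside this hunk), and update the `algorithm="SunX509"` example in the comment to match.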
@@ -59,7 +61,7 @@ public static Builder builder() {
}
/**
- * Builder to build {@link SimpleTrustManager}.
+ * Builder to build {@link SimpleTlsTrustManager}.
*/
public static final class Builder extends AbstractConfigurableElement.Builder {
private String keyStore;
@@ -72,8 +74,8 @@ public Builder withKeyStore(String keyStore) {
return this;
}
- public SimpleTrustManager build() {
- return new SimpleTrustManager(this);
+ public SimpleTlsTrustManager build() {
+ return new SimpleTlsTrustManager(this);
}
@Override
diff --git a/testsuite/pom.xml b/testsuite/pom.xml
index 3f254d4..d166d54 100644
--- a/testsuite/pom.xml
+++ b/testsuite/pom.xml
@@ -96,7 +96,6 @@
none
- -Djboss.dist=${jboss.dist}
-Djava.io.tmpdir=${basedir}/target