AS7-1382 Add management operations for management security realms

janinko · Dec 22, 2011 · 39562e3 · 39562e3
1 parent 5a8b6a3
commit 39562e3
Show file tree

Hide file tree

Showing 47 changed files with 2,757 additions and 1,431 deletions.
diff --git a/appclient/src/main/java/org/jboss/as/appclient/subsystem/parsing/AppClientXml.java b/appclient/src/main/java/org/jboss/as/appclient/subsystem/parsing/AppClientXml.java
@@ -417,123 +417,6 @@ private void setServerName(final ModelNode address, final List<ModelNode> operat
 
     public void writeContent(final XMLExtendedStreamWriter writer, final ModelMarshallingContext context)
             throws XMLStreamException {
-
-        ModelNode modelNode = context.getModelNode();
-        writer.writeStartDocument();
-        writer.writeStartElement(Element.SERVER.getLocalName());
-
-        if (modelNode.hasDefined(NAME)) {
-            writeAttribute(writer, Attribute.NAME, modelNode.get(NAME).asString());
-        }
-
-        writer.writeDefaultNamespace(Namespace.CURRENT.getUriString());
-        writeNamespaces(writer, modelNode);
-        writeSchemaLocation(writer, modelNode);
-
-        if (modelNode.hasDefined(EXTENSION)) {
-            writeExtensions(writer, modelNode.get(EXTENSION));
-        }
-
-        if (modelNode.hasDefined(SYSTEM_PROPERTY)) {
-            writeProperties(writer, modelNode.get(SYSTEM_PROPERTY), Element.SYSTEM_PROPERTIES, true);
-        }
-
-        if (modelNode.hasDefined(PATH)) {
-            writePaths(writer, modelNode.get(PATH));
-        }
-
-        if (modelNode.hasDefined(CORE_SERVICE) && modelNode.get(CORE_SERVICE).hasDefined(VAULT)) {
-            writeVault(writer, modelNode.get(CORE_SERVICE, VAULT));
-        }
-
-        if (modelNode.hasDefined(CORE_SERVICE) && modelNode.get(CORE_SERVICE).hasDefined(MANAGEMENT)) {
-            writeManagement(writer, modelNode.get(CORE_SERVICE, MANAGEMENT), true);
-        }
-
-        writeServerProfile(writer, context);
-
-        if (modelNode.hasDefined(INTERFACE)) {
-            writeInterfaces(writer, modelNode.get(INTERFACE));
-        }
-
-        if (modelNode.hasDefined(SOCKET_BINDING_GROUP)) {
-            Set<String> groups = modelNode.get(SOCKET_BINDING_GROUP).keys();
-            if (groups.size() > 1) {
-                throw MESSAGES.multipleNodesFound(SOCKET_BINDING_GROUP);
-            }
-            for (String group : groups) {
-                writeSocketBindingGroup(writer, modelNode.get(SOCKET_BINDING_GROUP, group), true);
-            }
-        }
-
-        if (modelNode.hasDefined(DEPLOYMENT)) {
-            writeServerDeployments(writer, modelNode.get(DEPLOYMENT));
-        }
-        writer.writeEndElement();
-        writer.writeEndDocument();
-    }
-
-    private void writeServerDeployments(final XMLExtendedStreamWriter writer, final ModelNode modelNode)
-            throws XMLStreamException {
-
-        Set<String> deploymentNames = modelNode.keys();
-        if (deploymentNames.size() > 0) {
-            boolean deploymentWritten = false;
-            for (String uniqueName : deploymentNames) {
-                final ModelNode deployment = modelNode.get(uniqueName);
-                if (deployment.hasDefined(PERSISTENT) && !deployment.get(PERSISTENT).asBoolean()) {
-                    continue;
-                }
-                if (!deploymentWritten) {
-                    writer.writeStartElement(Element.DEPLOYMENTS.getLocalName());
-                    deploymentWritten = true;
-                }
-                final String runtimeName = deployment.get(RUNTIME_NAME).asString();
-                boolean enabled = deployment.get(ENABLED).asBoolean();
-                writer.writeStartElement(Element.DEPLOYMENT.getLocalName());
-                writeAttribute(writer, Attribute.NAME, uniqueName);
-                writeAttribute(writer, Attribute.RUNTIME_NAME, runtimeName);
-                if (!enabled) {
-                    writeAttribute(writer, Attribute.ENABLED, "false");
-                }
-                final List<ModelNode> contentItems = deployment.require(CONTENT).asList();
-                for (ModelNode contentItem : contentItems) {
-                    writeContentItem(writer, contentItem);
-                }
-                writer.writeEndElement();
-            }
-            if (deploymentWritten) {
-                writer.writeEndElement();
-            }
-        }
-    }
-
-    private void writeServerProfile(final XMLExtendedStreamWriter writer, final ModelMarshallingContext context)
-            throws XMLStreamException {
-
-        final ModelNode profileNode = context.getModelNode();
-        // In case there are no subsystems defined
-        if(! profileNode.hasDefined(SUBSYSTEM)) {
-            writer.writeEmptyElement(Element.PROFILE.getLocalName());
-            return;
-        }
-
-        writer.writeStartElement(Element.PROFILE.getLocalName());
-        Set<String> subsystemNames = profileNode.get(SUBSYSTEM).keys();
-        if (subsystemNames.size() > 0) {
-            String defaultNamespace = writer.getNamespaceContext().getNamespaceURI(XMLConstants.DEFAULT_NS_PREFIX);
-            for (String subsystemName : subsystemNames) {
-                try {
-                    ModelNode subsystem = profileNode.get(SUBSYSTEM, subsystemName);
-                    XMLElementWriter<SubsystemMarshallingContext> subsystemWriter = context.getSubsystemWriter(subsystemName);
-                    if (subsystemWriter != null) { // FIXME -- remove when extensions are doing the registration
-                        subsystemWriter.writeContent(writer, new SubsystemMarshallingContext(subsystem, writer));
-                    }
-                } finally {
-                    writer.setDefaultNamespace(defaultNamespace);
-                }
-            }
-        }
-        writer.writeEndElement();
+        // we don't marshall appclient.xml
     }
 }
diff --git a/build/src/main/resources/docs/schema/jboss-as-config_1_1.xsd b/build/src/main/resources/docs/schema/jboss-as-config_1_1.xsd
@@ -258,7 +258,7 @@
     <xs:complexType name="secretType">
         <xs:annotation>
             <xs:documentation>
-                Configuration of the SSL identity of this server.
+                Configuration of the secret/password-based identity of this server.
             </xs:documentation>
         </xs:annotation>
         <xs:attribute name="value" type="xs:string" use="required">
@@ -294,20 +294,20 @@
                 The keystore configuration for the server.
             </xs:documentation>
         </xs:annotation>
-        <xs:attribute name="relative-to" use="optional" type="xs:string">
+        <xs:attribute name="path" type="xs:string" use="required">
             <xs:annotation>
                 <xs:documentation>
-                    The name of another previously named path, or of one of the
-                    standard paths provided by the system. If 'relative-to' is
-                    provided, the value of the 'path' attribute is treated as
-                    relative to the path specified by this attribute.
+                    The path of the keystore.
                 </xs:documentation>
             </xs:annotation>
         </xs:attribute>
-        <xs:attribute name="path" type="xs:string" use="required">
+        <xs:attribute name="relative-to" use="optional" type="xs:string">
             <xs:annotation>
                 <xs:documentation>
-                    The path of the keystore.
+                    The name of another previously named path, or of one of the
+                    standard paths provided by the system. If 'relative-to' is
+                    provided, the value of the 'path' attribute is treated as
+                    relative to the path specified by this attribute.
                 </xs:documentation>
             </xs:annotation>
         </xs:attribute>
@@ -324,13 +324,13 @@
         <xs:annotation>
             <xs:documentation>
                 Configuration of the server side authentication mechanisms.
-                
-                Optionally one truststore can be defined and one username/password based store can be defined,
-                authentication will first attemp to use the truststore and if this is not available fall back
+
+                Optionally one truststore can be defined and one username/password based store can be defined.
+                Authentication will first attempt to use the truststore and if this is not available will fall back
                 to the username/password authentication.
-                
-                If none of these are specified the only available mechanism will be the local mechanism for the 
-                Native interface, the HTTP interface will not be accessible.
+
+                If none of these are specified the only available mechanism will be the local mechanism for the
+                Native interface and the HTTP interface will not be accessible.
             </xs:documentation>
         </xs:annotation>
         <xs:sequence>

diff --git a/build/src/main/resources/modules/org/jboss/as/domain-management/main/module.xml b/build/src/main/resources/modules/org/jboss/as/domain-management/main/module.xml
@@ -34,6 +34,7 @@
         <module name="org.jboss.logging" />
         <module name="org.jboss.msc" />
         <module name="org.jboss.sasl"/>
+        <module name="org.jboss.staxmapper"/>
         <module name="javax.api" />
     </dependencies>
 </module>
diff --git a/controller/src/main/java/org/jboss/as/controller/ControllerMessages.java b/controller/src/main/java/org/jboss/as/controller/ControllerMessages.java
@@ -2143,4 +2143,13 @@ public interface ControllerMessages {
     @Message(id = 14815, value = "There is no operation %s registered at address %s")
     IllegalArgumentException operationNotRegisteredException(String op, PathAddress address);
 
+
+    /**
+     * Creates a runtime exception indicating there was a failure to recover services during an operation rollback
+     *
+     * @param cause the cause of the failure
+     * @return the runtime exception.
+     */
+    @Message(id = 14816, value = "Failed to recover services during operation rollback")
+    RuntimeException failedToRecoverServices(@Param OperationFailedException cause);
 }
diff --git a/controller/src/main/java/org/jboss/as/controller/ResourceDefinition.java b/controller/src/main/java/org/jboss/as/controller/ResourceDefinition.java
@@ -63,4 +63,11 @@ public interface ResourceDefinition {
      * @param resourceRegistration a {@link ManagementResourceRegistration} created from this definition
      */
     void registerAttributes(final ManagementResourceRegistration resourceRegistration);
+
+    /**
+     * Register child resources associated with this resource.
+     *
+     * @param resourceRegistration a {@link ManagementResourceRegistration} created from this definition
+     */
+    void registerChildren(final ManagementResourceRegistration resourceRegistration);
 }
diff --git a/controller/src/main/java/org/jboss/as/controller/RestartParentResourceAddHandler.java b/controller/src/main/java/org/jboss/as/controller/RestartParentResourceAddHandler.java
@@ -38,88 +38,25 @@
  *
  * @author Jason T. Greene
  */
-public abstract class RestartParentResourceAddHandler extends AbstractAddStepHandler {
-    private final String parentKeyName;
+public abstract class RestartParentResourceAddHandler extends RestartParentResourceHandlerBase {
 
     protected RestartParentResourceAddHandler(String parentKeyName) {
-        this.parentKeyName = parentKeyName;
+        super(parentKeyName);
     }
 
     @Override
-    protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
-        if (context.isBooting()) {
-            return;
-        }
-
-        PathAddress address = getParentAddress(PathAddress.pathAddress(operation.require(OP_ADDR)));
-        ServiceName serviceName = getParentServiceName(address);
-        ServiceController<?> service = serviceName != null ?
-                             context.getServiceRegistry(false).getService(serviceName) : null;
-
-        // No parent service, nothing to do
-        if (service == null) {
-            return;
-        }
-
-        if (context.isResourceServiceRestartAllowed()) {
-            ModelNode parentModel = getModel(context, address);
-            if (parentModel != null && context.markResourceRestarted(address, this)) {
-                context.removeService(serviceName);
-                recreateParentService(context, address, parentModel, verificationHandler);
-            }
-        }  else {
-            context.reloadRequired();
-        }
-
-    }
-
-    protected abstract void recreateParentService(OperationContext context, PathAddress parentAddress, ModelNode parentModel, ServiceVerificationHandler verificationHandler);
-
-    protected abstract ServiceName getParentServiceName(PathAddress parentAddress);
-
-
-    protected PathAddress getParentAddress(PathAddress address) {
-        return Util.getParentAddressByKey(address, parentKeyName);
+    protected void updateModel(OperationContext context, ModelNode operation) throws OperationFailedException {
+        final Resource resource = context.createResource(PathAddress.EMPTY_ADDRESS);
+        populateModel(operation, resource.getModel());
     }
 
-    @Override
-    protected void rollbackRuntime(OperationContext context, ModelNode operation, ModelNode model, List<ServiceController<?>> controllers) {
-        PathAddress address = getParentAddress(PathAddress.pathAddress(operation.require(OP_ADDR)));
-        ServiceName serviceName = getParentServiceName(address);
-        ServiceController<?> service = serviceName != null ?
-                             context.getServiceRegistry(false).getService(serviceName) : null;
-
-        // No parent service indicates boot
-        if (service == null) {
-            return;
-        }
-
-        if (context.isResourceServiceRestartAllowed()) {
-            ModelNode parentModel = getOriginalModel(context, address);
-            if (parentModel != null && context.revertResourceRestarted(address, this)) {
-                context.removeService(serviceName);
-                recreateParentService(context, address, parentModel, null);
-            }
-        }  else {
-            context.revertReloadRequired();
-        }
-    }
-
-     private ModelNode getModel(OperationContext ctx, PathAddress address) {
-        try {
-            Resource resource = ctx.getRootResource().navigate(address);
-            return Resource.Tools.readModel(resource);
-        } catch (NoSuchElementException e) {
-            return null;
-        }
-    }
-
-    private ModelNode getOriginalModel(OperationContext ctx, PathAddress address) {
-        try {
-            Resource resource = ctx.getOriginalRootResource().navigate(address);
-            return  Resource.Tools.readModel(resource);
-        } catch (NoSuchElementException e) {
-            return null;
-        }
-    }
+    /**
+     * Populate the given node in the persistent configuration model based on the values in the given operation.
+     *
+     * @param operation the operation
+     * @param model persistent configuration model node that corresponds to the address of {@code operation}
+     *
+     * @throws OperationFailedException if {@code operation} is invalid or populating the model otherwise fails
+     */
+    protected abstract void populateModel(final ModelNode operation, final ModelNode model) throws OperationFailedException;
 }