diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/AuditLoggingParser.java b/elytron/src/main/java/org/wildfly/extension/elytron/AuditLoggingParser.java
index 9addd6c5d03..a198ba5ace3 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/AuditLoggingParser.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/AuditLoggingParser.java
@@ -57,9 +57,16 @@ class AuditLoggingParser {
.setUseElementsForGroups(false)
.addAttributes(AuditResourceDefinitions.SERVER_ADDRESS, AuditResourceDefinitions.PORT, AuditResourceDefinitions.TRANSPORT, AuditResourceDefinitions.HOST_NAME, AuditResourceDefinitions.FORMAT, AuditResourceDefinitions.SSL_CONTEXT)
.build();
+
private final PersistentResourceXMLDescription aggregateSecurityEventParser = builder(PathElement.pathElement(AGGREGATE_SECURITY_EVENT_LISTENER), null)
.addAttribute(AuditResourceDefinitions.REFERENCES, new AttributeParsers.NamedStringListParser(SECURITY_EVENT_LISTENER), new AttributeMarshallers.NamedStringListMarshaller(SECURITY_EVENT_LISTENER))
.build();
+
+ private final PersistentResourceXMLDescription customSecurityEventParser = builder(PathElement.pathElement(ElytronDescriptionConstants.CUSTOM_SECURITY_EVENT_LISTENER), null)
+ .addAttributes(CustomComponentDefinition.ATTRIBUTES)
+ .setUseElementsForGroups(false)
+ .build();
+
final PersistentResourceXMLDescription parser = decorator(ElytronDescriptionConstants.AUDIT_LOGGING)
.addChild(aggregateSecurityEventParser)
.addChild(fileAuditLogParser)
@@ -68,5 +75,13 @@ class AuditLoggingParser {
.addChild(syslogAuditLogParser)
.build();
+ final PersistentResourceXMLDescription parser4_0 = decorator(ElytronDescriptionConstants.AUDIT_LOGGING)
+ .addChild(aggregateSecurityEventParser)
+ .addChild(customSecurityEventParser) // new
+ .addChild(fileAuditLogParser)
+ .addChild(periodicRotatingFileAuditLogParser)
+ .addChild(sizeRotatingFileAuditLogParser)
+ .addChild(syslogAuditLogParser)
+ .build();
}
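Review bot: The trailing `// new` on `.addChild(customSecurityEventParser)` tells a reader nothing once this commit is merged. The same marker is added to the otherwise unchanged `.addChild(getPermissionSetParser())` call in ElytronSubsystemParser3_0, where this change introduces no new element. I would drop both, or replace the one here with a comment naming the schema version, e.g. `// custom-security-event-listener: introduced with the 4.0 schema`. A one-line comment above `parser4_0` saying that it appears to differ from `parser` only by that child would help keep the two child lists in step; the full list for `parser` is not visible in these hunks.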
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/CustomComponentDefinition.java b/elytron/src/main/java/org/wildfly/extension/elytron/CustomComponentDefinition.java
index 07704ef2cb2..467eac7daf3 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/CustomComponentDefinition.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/CustomComponentDefinition.java
@@ -20,7 +20,7 @@
import static org.wildfly.extension.elytron.ClassLoadingAttributeDefinitions.CLASS_NAME;
import static org.wildfly.extension.elytron.ClassLoadingAttributeDefinitions.resolveClassLoader;
-import static org.wildfly.extension.elytron.ElytronDefinition.commonDependencies;
+import static org.wildfly.extension.elytron.ElytronDefinition.commonRequirements;
import static org.wildfly.extension.elytron.SecurityActions.doPrivileged;
import static org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER;
@@ -30,6 +30,7 @@
import java.util.Arrays;
import java.util.HashSet;
import java.util.Map;
+import java.util.function.Function;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
@@ -58,7 +59,7 @@
*
* @author Darran Lofthouse
*/
-class CustomComponentDefinition extends SimpleResourceDefinition {
+class CustomComponentDefinition extends SimpleResourceDefinition {
static final SimpleAttributeDefinition MODULE = new SimpleAttributeDefinitionBuilder(ClassLoadingAttributeDefinitions.MODULE)
.setRequired(true)
@@ -70,25 +71,17 @@ class CustomComponentDefinition extends SimpleResourceDefinition {
.setRestartAllServices()
.build();
- private final Class serviceType;
- private final RuntimeCapability>[] runtimeCapabilities;
- private final String pathKey;
-
static final AttributeDefinition[] ATTRIBUTES = {MODULE, CLASS_NAME, CONFIGURATION};
- CustomComponentDefinition(Class serviceType, String pathKey, @SuppressWarnings("rawtypes") RuntimeCapability ... runtimeCapabilities) {
+ CustomComponentDefinition(Class serviceType, Function wrapper, String pathKey, @SuppressWarnings("rawtypes") RuntimeCapability ... runtimeCapabilities) {
super(addAddRemoveHandlers(new Parameters(PathElement.pathElement(pathKey), ElytronExtension.getResourceDescriptionResolver(pathKey))
.setAddRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES)
.setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES)
- .setCapabilities(runtimeCapabilities), serviceType, runtimeCapabilities));
-
- this.serviceType = serviceType;
- this.runtimeCapabilities = runtimeCapabilities;
- this.pathKey = pathKey;
+ .setCapabilities(runtimeCapabilities), serviceType, wrapper, runtimeCapabilities));
}
- private static Parameters addAddRemoveHandlers(Parameters parameters, Class serviceType, RuntimeCapability> ... runtimeCapabilities) {
- AbstractAddStepHandler add = new ComponentAddHandler(serviceType, runtimeCapabilities);
+ private static Parameters addAddRemoveHandlers(Parameters parameters, Class serviceType, Function wrapper, RuntimeCapability> ... runtimeCapabilities) {
+ AbstractAddStepHandler add = new ComponentAddHandler<>(serviceType, wrapper, runtimeCapabilities);
OperationStepHandler remove = new TrivialCapabilityServiceRemoveHandler(add, runtimeCapabilities);
parameters.setAddHandler(add);
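Review bot: The new `wrapper` argument on the constructor and on `addAddRemoveHandlers` is undocumented, and nothing in these lines tells a caller that it is applied to the freshly instantiated custom class before the service value is returned (that only shows in `createValue`, in a later hunk). A Javadoc on the constructor should state three things: `serviceType` is the type the configured `class-name` must be assignable to, `wrapper` converts that instance into the value the installed service supplies, and callers with nothing to adapt pass `Function.identity()`. If `wrapper` must never be null, say so in the same place. `addAddRemoveHandlers` continues past the end of this hunk.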
@@ -105,15 +98,17 @@ public void registerAttributes(ManagementResourceRegistration resourceRegistrati
}
}
- private static class ComponentAddHandler extends BaseAddHandler {
+ private static class ComponentAddHandler extends BaseAddHandler {
private final RuntimeCapability>[] runtimeCapabilities;
- private final Class serviceType;
+ private final Class serviceType;
+ private final Function wrapper;
- private ComponentAddHandler(Class serviceType, RuntimeCapability> ... runtimeCapabilities) {
- super( new HashSet(Arrays.asList(runtimeCapabilities)), ATTRIBUTES);
+ private ComponentAddHandler(Class serviceType, Function wrapper, RuntimeCapability> ... runtimeCapabilities) {
+ super(new HashSet<>(Arrays.asList(runtimeCapabilities)), ATTRIBUTES);
this.runtimeCapabilities = runtimeCapabilities;
this.serviceType = serviceType;
+ this.wrapper = wrapper;
}
@Override
@@ -131,14 +126,13 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
final Map configurationMap;
configurationMap = CONFIGURATION.unwrap(context, model);
- TrivialService customComponentService = new TrivialService(() -> createValue(module, className, configurationMap));
-
- ServiceBuilder serviceBuilder = serviceTarget.addService(primaryServiceName, customComponentService);
- for (int i=1;i serviceBuilder = serviceTarget.addService(primaryServiceName);
+ for (int i = 1; i < runtimeCapabilities.length; i++) {
serviceBuilder.addAliases(toServiceName(runtimeCapabilities[i], address));
}
- commonDependencies(serviceBuilder)
+ commonRequirements(serviceBuilder)
+ .setInstance(new TrivialService<>(() -> createValue(module, className, configurationMap)))
.setInitialMode(Mode.ACTIVE)
.install();
}
@@ -152,9 +146,9 @@ private T createValue(String module, String className, Map confi
try {
classLoader = doPrivileged((PrivilegedExceptionAction) () -> resolveClassLoader(module));
- Class extends T> typeClazz = classLoader.loadClass(className).asSubclass(serviceType);
+ Class extends C> typeClazz = classLoader.loadClass(className).asSubclass(serviceType);
- T component = typeClazz.getDeclaredConstructor().newInstance();
+ C component = typeClazz.getDeclaredConstructor().newInstance();
if (configuration != null && !configuration.isEmpty()) {
try {
@@ -165,7 +159,7 @@ private T createValue(String module, String className, Map confi
}
}
- return component;
+ return wrapper.apply(component);
} catch (PrivilegedActionException e) {
throw new StartException(e.getCause());
} catch (Exception e) {
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java
index 40f12c4c822..dcdbfdf62b1 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java
@@ -18,7 +18,6 @@
package org.wildfly.extension.elytron;
-import static org.wildfly.extension.elytron.ElytronExtension.isServerOrHostController;
import static org.wildfly.extension.elytron.Capabilities.AUTHENTICATION_CONTEXT_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.ELYTRON_RUNTIME_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY;
@@ -29,12 +28,16 @@
import static org.wildfly.extension.elytron.Capabilities.REALM_MAPPER_RUNTIME_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.ROLE_DECODER_RUNTIME_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.ROLE_MAPPER_RUNTIME_CAPABILITY;
+import static org.wildfly.extension.elytron.Capabilities.SECURITY_EVENT_LISTENER_RUNTIME_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.SECURITY_FACTORY_CREDENTIAL_RUNTIME_CAPABILITY;
import static org.wildfly.extension.elytron.Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY;
+import static org.wildfly.extension.elytron.ElytronExtension.isServerOrHostController;
import java.security.Provider;
import java.util.List;
import java.util.Map;
+import java.util.function.Consumer;
+import java.util.function.Function;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.AttributeMarshaller;
@@ -72,6 +75,7 @@
import org.jboss.msc.service.ServiceTarget;
import org.wildfly.extension.elytron.capabilities.CredentialSecurityFactory;
import org.wildfly.extension.elytron.capabilities.PrincipalTransformer;
+import org.wildfly.extension.elytron.capabilities._private.SecurityEventListener;
import org.wildfly.security.Version;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.PrincipalDecoder;
@@ -140,6 +144,8 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration
// Audit
resourceRegistration.registerSubModel(AuditResourceDefinitions.getAggregateSecurityEventListenerDefinition());
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(Consumer.class, SecurityEventListener::from,
+ ElytronDescriptionConstants.CUSTOM_SECURITY_EVENT_LISTENER, SECURITY_EVENT_LISTENER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(AuditResourceDefinitions.getFileAuditLogResourceDefinition());
resourceRegistration.registerSubModel(AuditResourceDefinitions.getPeriodicRotatingFileAuditLogResourceDefinition());
resourceRegistration.registerSubModel(AuditResourceDefinitions.getSizeRotatingFileAuditLogResourceDefinition());
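Review bot: `Consumer.class` is the only type constraint placed on a custom security event listener, so the `asSubclass(serviceType)` check in `CustomComponentDefinition.createValue` accepts any class implementing `java.util.function.Consumer`, whatever its element type. Because of erasure, a consumer written for some other type would pass at service start and presumably fail with a `ClassCastException` only when the first security event is delivered, i.e. inside the audit path. How `SecurityEventListener.from` treats an exception thrown by the consumer is not visible here and should be confirmed. At minimum the `class-name` description and the XSD text should say that the class must implement a consumer of security events, and this registration deserves a comment such as `// custom listeners are loaded as plain Consumers; SecurityEventListener::from wraps them before the value is published`.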
@@ -154,9 +160,9 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration
// Security Realms
resourceRegistration.registerSubModel(new AggregateRealmDefinition());
- resourceRegistration.registerSubModel(new CustomComponentDefinition(SecurityRealm.class, ElytronDescriptionConstants.CUSTOM_REALM, SECURITY_REALM_RUNTIME_CAPABILITY));
- resourceRegistration.registerSubModel(ModifiableRealmDecorator.wrap(new CustomComponentDefinition(
- ModifiableSecurityRealm.class, ElytronDescriptionConstants.CUSTOM_MODIFIABLE_REALM,
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(SecurityRealm.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_REALM, SECURITY_REALM_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(ModifiableRealmDecorator.wrap(new CustomComponentDefinition<>(
+ ModifiableSecurityRealm.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_MODIFIABLE_REALM,
MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY, SECURITY_REALM_RUNTIME_CAPABILITY)));
resourceRegistration.registerSubModel(RealmDefinitions.getIdentityRealmDefinition());
resourceRegistration.registerSubModel(new JdbcRealmDefinition());
@@ -168,11 +174,11 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration
resourceRegistration.registerSubModel(new CachingRealmDefinition());
// Security Factories
- resourceRegistration.registerSubModel(new CustomComponentDefinition(CredentialSecurityFactory.class, ElytronDescriptionConstants.CUSTOM_CREDENTIAL_SECURITY_FACTORY, SECURITY_FACTORY_CREDENTIAL_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(CredentialSecurityFactory.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_CREDENTIAL_SECURITY_FACTORY, SECURITY_FACTORY_CREDENTIAL_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(KerberosSecurityFactoryDefinition.getKerberosSecurityFactoryDefinition());
// Permission Mappers
- resourceRegistration.registerSubModel(new CustomComponentDefinition(PermissionMapper.class, ElytronDescriptionConstants.CUSTOM_PERMISSION_MAPPER, PERMISSION_MAPPER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(PermissionMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PERMISSION_MAPPER, PERMISSION_MAPPER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(PermissionMapperDefinitions.getLogicalPermissionMapper());
resourceRegistration.registerSubModel(PermissionMapperDefinitions.getSimplePermissionMapper());
resourceRegistration.registerSubModel(PermissionMapperDefinitions.getConstantPermissionMapper());
@@ -184,25 +190,25 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration
resourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getAggregatePrincipalDecoderDefinition());
resourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getConcatenatingPrincipalDecoder());
resourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getConstantPrincipalDecoder());
- resourceRegistration.registerSubModel(new CustomComponentDefinition(PrincipalDecoder.class, ElytronDescriptionConstants.CUSTOM_PRINCIPAL_DECODER, PRINCIPAL_DECODER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(PrincipalDecoder.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PRINCIPAL_DECODER, PRINCIPAL_DECODER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getX500AttributePrincipalDecoder());
// Principal Transformers
resourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getAggregatePrincipalTransformerDefinition());
resourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getChainedPrincipalTransformerDefinition());
resourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getConstantPrincipalTransformerDefinition());
- resourceRegistration.registerSubModel(new CustomComponentDefinition(PrincipalTransformer.class, ElytronDescriptionConstants.CUSTOM_PRINCIPAL_TRANSFORMER, PRINCIPAL_TRANSFORMER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(PrincipalTransformer.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PRINCIPAL_TRANSFORMER, PRINCIPAL_TRANSFORMER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getRegexPrincipalTransformerDefinition());
resourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getRegexValidatingPrincipalTransformerDefinition());
// Realm Mappers
resourceRegistration.registerSubModel(RealmMapperDefinitions.getConstantRealmMapper());
- resourceRegistration.registerSubModel(new CustomComponentDefinition(RealmMapper.class, ElytronDescriptionConstants.CUSTOM_REALM_MAPPER, REALM_MAPPER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(RealmMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_REALM_MAPPER, REALM_MAPPER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(RealmMapperDefinitions.getMappedRegexRealmMapper());
resourceRegistration.registerSubModel(RealmMapperDefinitions.getSimpleRegexRealmMapperDefinition());
// Role Decoders
- resourceRegistration.registerSubModel(new CustomComponentDefinition(RoleDecoder.class, ElytronDescriptionConstants.CUSTOM_ROLE_DECODER, ROLE_DECODER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(RoleDecoder.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_ROLE_DECODER, ROLE_DECODER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(RoleDecoderDefinitions.getSimpleRoleDecoderDefinition());
// Role Mappers
@@ -210,7 +216,7 @@ public void registerChildren(ManagementResourceRegistration resourceRegistration
resourceRegistration.registerSubModel(RoleMapperDefinitions.getAddPrefixRoleMapperDefinition());
resourceRegistration.registerSubModel(RoleMapperDefinitions.getAggregateRoleMapperDefinition());
resourceRegistration.registerSubModel(RoleMapperDefinitions.getConstantRoleMapperDefinition());
- resourceRegistration.registerSubModel(new CustomComponentDefinition(RoleMapper.class, ElytronDescriptionConstants.CUSTOM_ROLE_MAPPER, ROLE_MAPPER_RUNTIME_CAPABILITY));
+ resourceRegistration.registerSubModel(new CustomComponentDefinition<>(RoleMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_ROLE_MAPPER, ROLE_MAPPER_RUNTIME_CAPABILITY));
resourceRegistration.registerSubModel(RoleMapperDefinitions.getLogicalRoleMapperDefinition());
resourceRegistration.registerSubModel(RoleMapperDefinitions.getMappedRoleMapperDefinition());
@@ -278,17 +284,28 @@ protected void revertUpdateToRuntime(OperationContext context, ModelNode operati
resourceRegistration.registerReadWriteAttribute(SECURITY_PROPERTIES, null, new SecurityPropertiesWriteHandler(SECURITY_PROPERTIES));
}
-
+ @Deprecated
static ServiceBuilder commonDependencies(ServiceBuilder serviceBuilder) {
return commonDependencies(serviceBuilder, true, true);
}
+ @Deprecated
static ServiceBuilder commonDependencies(ServiceBuilder serviceBuilder, boolean dependOnProperties, boolean dependOnProviderRegistration) {
if (dependOnProperties) serviceBuilder.addDependencies(SecurityPropertyService.SERVICE_NAME);
if (dependOnProviderRegistration) serviceBuilder.addDependencies(ProviderRegistrationService.SERVICE_NAME);
return serviceBuilder;
}
+ static ServiceBuilder commonRequirements(ServiceBuilder serviceBuilder) {
+ return commonRequirements(serviceBuilder, true, true);
+ }
+
+ static ServiceBuilder commonRequirements(ServiceBuilder serviceBuilder, boolean dependOnProperties, boolean dependOnProviderRegistration) {
+ if (dependOnProperties) serviceBuilder.requires(SecurityPropertyService.SERVICE_NAME);
+ if (dependOnProviderRegistration) serviceBuilder.requires(ProviderRegistrationService.SERVICE_NAME);
+ return serviceBuilder;
+ }
+
private static void installService(ServiceName serviceName, Service> service, ServiceTarget serviceTarget) {
serviceTarget.addService(serviceName, service)
.setInitialMode(Mode.ACTIVE)
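Review bot: Both `commonDependencies` overloads are marked `@Deprecated` without a Javadoc `@deprecated` tag, so callers get a warning with no pointer to the replacement. Add `/** @deprecated use {@link #commonRequirements(ServiceBuilder)} instead */` on the one-argument overload and the matching three-argument link on the other. The new `commonRequirements` methods have no Javadoc either; one sentence saying that they call `requires(...)` for `SecurityPropertyService.SERVICE_NAME` and `ProviderRegistrationService.SERVICE_NAME` and return the same builder would do. The values returned by `requires(...)` are discarded, which looks intentional (start ordering only) but is worth stating in that comment. `installService` continues outside the hunk.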
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java
index 06c1889f4c0..be5b72aeba0 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronDescriptionConstants.java
@@ -122,6 +122,7 @@ interface ElytronDescriptionConstants {
String CREDENTIAL_STORES = "credential-stores";
String CREDENTIALS = "credentials";
String CRITICAL = "critical";
+
String CUSTOM_CREDENTIAL_SECURITY_FACTORY = "custom-credential-security-factory";
String CUSTOM_PERMISSION_MAPPER = "custom-permission-mapper";
String CUSTOM_POLICY = "custom-policy";
@@ -132,6 +133,7 @@ interface ElytronDescriptionConstants {
String CUSTOM_REALM_MAPPER = "custom-realm-mapper";
String CUSTOM_ROLE_DECODER = "custom-role-decoder";
String CUSTOM_ROLE_MAPPER = "custom-role-mapper";
+ String CUSTOM_SECURITY_EVENT_LISTENER = "custom-security-event-listener";
String DATA_SOURCE = "data-source";
String DEBUG = "debug";
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser3_0.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser3_0.java
index efe3ee2f76e..fff1bdd5235 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser3_0.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser3_0.java
@@ -61,7 +61,7 @@ public PersistentResourceXMLDescription getParserDescription() {
.addChild(getRealmParser())
.addChild(getCredentialSecurityFactoryParser())
.addChild(getMapperParser())
- .addChild(getPermissionSetParser())
+ .addChild(getPermissionSetParser()) // new
.addChild(getHttpParser())
.addChild(getSaslParser())
.addChild(getTlsParser())
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser4_0.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser4_0.java
index 46b1550bf35..bf2c03262bf 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser4_0.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemParser4_0.java
@@ -18,6 +18,8 @@
package org.wildfly.extension.elytron;
+import org.jboss.as.controller.PersistentResourceXMLDescription;
+
/**
* The subsystem parser, which uses stax to read and write to and from xml.
*
@@ -31,4 +33,9 @@ String getNameSpace() {
return ElytronExtension.NAMESPACE_4_0;
}
+ @Override
+ PersistentResourceXMLDescription getAuditLoggingParser() {
+ return new AuditLoggingParser().parser4_0;
+ }
+
}
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java
index cb6013cc09e..1e311a09b4b 100644
--- a/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java
+++ b/elytron/src/main/java/org/wildfly/extension/elytron/ElytronSubsystemTransformers.java
@@ -89,6 +89,7 @@ private static void from4(ChainedTransformationDescriptionBuilder chainedBuilder
), PRINCIPAL_QUERIES)
.end();
builder.rejectChildResource(PathElement.pathElement(ElytronDescriptionConstants.MAPPED_ROLE_MAPPER));
+ builder.rejectChildResource(PathElement.pathElement(ElytronDescriptionConstants.CUSTOM_SECURITY_EVENT_LISTENER));
}
private static void from3(ChainedTransformationDescriptionBuilder chainedBuilder) {
diff --git a/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties b/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties
index d5c7086a0da..c2f8ec0a510 100644
--- a/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties
+++ b/elytron/src/main/resources/org/wildfly/extension/elytron/LocalDescriptions.properties
@@ -107,6 +107,15 @@ elytron.aggregate-security-event-listener.remove=The remove operation for the ag
# Attributes
elytron.aggregate-security-event-listener.security-event-listeners=The referenced security event listener resources to aggregate.
+elytron.custom-security-event-listener=A custom security event listener. (Audit logger for example.)
+# Operations
+elytron.custom-security-event-listener.add=The add operation for the listener.
+elytron.custom-security-event-listener.remove=The remove operation for the listener.
+# Attributes
+elytron.custom-security-event-listener.module=The module to use to load the custom security event listener.
+elytron.custom-security-event-listener.class-name=The class name of the implementation of the custom security event listener.
+elytron.custom-security-event-listener.configuration=The optional key/value configuration for the custom security event listener.
+
elytron.file-audit-log=An audit logger that logs to a local file.
# Operations
elytron.file-audit-log.add=Add the audit logger resource.
diff --git a/elytron/src/main/resources/schema/wildfly-elytron_4_0.xsd b/elytron/src/main/resources/schema/wildfly-elytron_4_0.xsd
index 98a9ea287ec..f37624a6404 100644
--- a/elytron/src/main/resources/schema/wildfly-elytron_4_0.xsd
+++ b/elytron/src/main/resources/schema/wildfly-elytron_4_0.xsd
@@ -497,7 +497,8 @@
-
+
+
@@ -545,7 +546,7 @@
-
+
A security event listener definition that is actually an aggregation of other security event listeners.
@@ -728,6 +729,31 @@
+
+
+
+ A security event listener definition for a custom security event listener implementation.
+
+
+
+
+
+
+
+
+ The configuration to apply to the security event listener implementation.
+
+ Note: If configuration is supplied the listener MUST implement a void initialize(Map<String, String>) method.
+
+
+
+
+
+
+
+
+
diff --git a/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java b/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java
index e84b9f88552..64e425d7b79 100644
--- a/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java
+++ b/elytron/src/test/java/org/wildfly/extension/elytron/SubsystemTransformerTestCase.java
@@ -123,6 +123,9 @@ private void testRejectingTransformers(ModelTestControllerVersion controllerVers
.addFailedAttribute(subsystemAddress.append(PathElement.pathElement(ElytronDescriptionConstants.MAPPED_ROLE_MAPPER, "DisallowedMappedRoleMapper")),
FailedOperationTransformationConfig.REJECTED_RESOURCE
)
+ .addFailedAttribute(subsystemAddress.append(PathElement.pathElement(ElytronDescriptionConstants.CUSTOM_SECURITY_EVENT_LISTENER)),
+ FailedOperationTransformationConfig.REJECTED_RESOURCE
+ )
);
/*ModelTestUtils.checkFailedTransformedBootOperations(mainServices, elytronVersion, ops, new FailedOperationTransformationConfig()
...
diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-1.2-reject.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-1.2-reject.xml
index 34a4f260a4f..d6e5bee8d4e 100644
--- a/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-1.2-reject.xml
+++ b/elytron/src/test/resources/org/wildfly/extension/elytron/elytron-transformers-1.2-reject.xml
@@ -19,4 +19,7 @@
+
+
+