Update failover-realm to EE10 and WFLY 27.0.1.Final

schlijo · Jan 18, 2023 · 938737d · 938737d
1 parent 2140f90
commit 938737d
Show file tree

Hide file tree

Showing 8 changed files with 92 additions and 55 deletions.
diff --git a/failover-realm/README.md b/failover-realm/README.md
@@ -20,13 +20,14 @@ Please take a look at the `configureFailoverRealm.cli` file located in this fold
 ## Usage
 
 Run wildfly server and then move to source folder of this example. To configure server you can use:
-```
+
+```bash
 {path_to_wildfly}/bin/jboss-cli.sh --connect --file=configureFailoverRealm.cli
 ```
 
 Compile the secured servlet included in this example and deploy it to the running server:
 
-```
+```bash
 mvn clean install wildfly:deploy
 ```
 
@@ -41,3 +42,16 @@ WARN  [org.wildfly.security] (default task-1) ELY13001: Realm is failing over.:
 
 This warning message notifies you that the LDAP realm was unavailable and fail over realm was used instead.
 
+## Restoring configuration
+
+Once you are finished with the demo, undeploy the servlet from the running server:
+
+```bash
+mvn wildfly:undeploy
+```
+
+Then, restore the server configuration by running the `restoreFailoverRealm.cli` script:
+
+```bash
+{path_to_wildfly}/bin/jboss-cli.sh --connect --file=restoreFailoverRealm.cli
+```
diff --git a/failover-realm/configureFailoverRealm.cli b/failover-realm/configureFailoverRealm.cli
@@ -1,13 +1,9 @@
-if (outcome != success) of /subsystem=elytron/simple-role-decoder=from-roles-attribute:read-resource
- /subsystem=elytron/simple-role-decoder=from-roles-attribute:add(attribute=Roles)
-end-if
-
 batch
 
 # Configure LDAP realm
 /subsystem=elytron/dir-context=exampleDC:add(url="ldap://172.17.0.2:389",principal="cn=admin,dc=wildfly,dc=org",credential-reference={clear-text="admin"})
 /subsystem=elytron/ldap-realm=exampleLdapRealm:add(dir-context=exampleDC,identity-mapping={search-base-dn="ou=Users,dc=wildfly,dc=org",rdn-identifier="uid",user-password-mapper={from="userPassword"},attribute-mapping=[{filter-base-dn="ou=Roles,dc=wildfly,dc=org",filter="(&(objectClass=groupOfNames)(member={1}))",from="cn",to="Roles"}]})
- 
+
 # Add filesystem realm with user frank with roles Admin
 /subsystem=elytron/filesystem-realm=exampleFSRealm:add(path=demofs-realm-users,relative-to=jboss.server.config.dir)
 /subsystem=elytron/filesystem-realm=exampleFSRealm:add-identity(identity=frank)
@@ -17,11 +13,12 @@ batch
 # Add failover-realm with exampleLdapRealm as delegate and exampleFSRealm as failover filesystem realm. When exampleLdapRealm is unavailable, the request will be moved to exampleFSRealm
 /subsystem=elytron/failover-realm=failoverRealm:add(delegate-realm=exampleLdapRealm,failover-realm=exampleFSRealm)
 
-# Add security domain failoverSD that uses failoverRealm and from-roles-attribute role decoder
-/subsystem=elytron/security-domain=failoverSD:add(default-realm=failoverRealm,permission-mapper=default-permission-mapper,realms=[{realm=failoverRealm,role-decoder="from-roles-attribute"}])
- 
- # Configure HTTP authentication factory to use failoverSD and BASIC auth mechanism and configure undertow to use this http authentication factory
+# Add security domain failoverSD that uses failoverRealm
+/subsystem=elytron/security-domain=failoverSD:add(default-realm=failoverRealm,permission-mapper=default-permission-mapper,realms=[{realm=failoverRealm}])
+
+ # Configure HTTP authentication factory to use failoverSD and BASIC auth mechanism and configure Undertow to use this http authentication factory
 /subsystem=elytron/http-authentication-factory=example-failover-http-auth:add(http-server-mechanism-factory="global",mechanism-configurations=[{mechanism-name="BASIC",mechanism-realm-configurations=[{realm-name="RealmUsersRoles"}]}],security-domain=failoverSD)
 /subsystem=undertow/application-security-domain=httpSD:add(http-authentication-factory=example-failover-http-auth)
-
-run-batch
+
+run-batch
+reload
diff --git a/failover-realm/pom.xml b/failover-realm/pom.xml
@@ -27,11 +27,21 @@
     <name>failover-realm-demo</name>
     <description>Example of failover realm in elytron subsystem</description>
 
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <maven.compiler.source>11</maven.compiler.source>
+        <maven.compiler.target>11</maven.compiler.target>
+
+        <version.maven-war-plugin>3.3.2</version.maven-war-plugin>
+        <version.org.wildfly.plugins.wildfly-maven-plugin>4.0.0.Final</version.org.wildfly.plugins.wildfly-maven-plugin>
+        <version.server.bom>27.0.1.Final</version.server.bom>
+    </properties>
+
     <dependencyManagement>
         <dependencies>
             <dependency>
                 <groupId>org.wildfly.bom</groupId>
-                <artifactId>wildfly-jakartaee8-with-tools</artifactId>
+                <artifactId>wildfly-ee-with-tools</artifactId>
                 <version>${version.server.bom}</version>
                 <type>pom</type>
                 <scope>import</scope>
@@ -40,18 +50,8 @@
     </dependencyManagement>
     <dependencies>
         <dependency>
-            <groupId>jakarta.enterprise</groupId>
-            <artifactId>jakarta.enterprise.cdi-api</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.jboss.spec.javax.annotation</groupId>
-            <artifactId>jboss-annotations-api_1.3_spec</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.jboss.spec.javax.servlet</groupId>
-            <artifactId>jboss-servlet-api_4.0_spec</artifactId>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
             <scope>provided</scope>
         </dependency>
     </dependencies>
@@ -61,22 +61,16 @@
             <plugin>
                 <groupId>org.wildfly.plugins</groupId>
                 <artifactId>wildfly-maven-plugin</artifactId>
-                <version>2.0.0.Final</version>
+                <version>${version.org.wildfly.plugins.wildfly-maven-plugin}</version>
             </plugin>
             <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-war-plugin</artifactId>
-                <version>2.4</version>
+                <version>${version.maven-war-plugin}</version>
                 <configuration>
                     <failOnMissingWebXml>false</failOnMissingWebXml>
                 </configuration>
             </plugin>
         </plugins>
     </build>
-
-    <properties>
-        <version.jboss.spec.javaee.7.0>1.1.1.Final</version.jboss.spec.javaee.7.0>
-        <version.server.bom>24.0.0.Final</version.server.bom>
-        <maven.compiler.source>1.8</maven.compiler.source>
-        <maven.compiler.target>1.8</maven.compiler.target>
-    </properties>
 </project>
diff --git a/failover-realm/restoreFailoverRealm.cli b/failover-realm/restoreFailoverRealm.cli
@@ -0,0 +1,27 @@
+batch
+
+# Remove Undertow application security domain and HTTP authentication factory
+/subsystem=undertow/application-security-domain=httpSD:remove()
+/subsystem=elytron/http-authentication-factory=example-failover-http-auth:remove()
+
+# Remove failoverSD security domain and failover-realm security realm
+/subsystem=elytron/security-domain=failoverSD:remove()
+/subsystem=elytron/failover-realm=failoverRealm:remove()
+
+# Remove user frank from filesystem realm
+/subsystem=elytron/filesystem-realm=exampleFSRealm:remove-identity(identity=frank)
+
+# Run commands, reload server, and start batching commands again
+run-batch
+reload
+batch
+
+# Remove filesystem realm
+/subsystem=elytron/filesystem-realm=exampleFSRealm:remove()
+
+# Remove LDAP realm and configuration
+/subsystem=elytron/ldap-realm=exampleLdapRealm:remove()
+/subsystem=elytron/dir-context=exampleDC:remove()
+
+# Run batched commands
+run-batch
diff --git a/failover-realm/src/main/java/realms/demo/SecuredServlet.java b/failover-realm/src/main/java/realms/demo/SecuredServlet.java
@@ -21,13 +21,13 @@
 import java.io.PrintWriter;
 import java.security.Principal;
 
-import javax.servlet.ServletException;
-import javax.servlet.annotation.HttpConstraint;
-import javax.servlet.annotation.ServletSecurity;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.HttpConstraint;
+import jakarta.servlet.annotation.ServletSecurity;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 @SuppressWarnings("serial")
 @WebServlet("/secure")

diff --git a/failover-realm/src/main/webapp/WEB-INF/beans.xml b/failover-realm/src/main/webapp/WEB-INF/beans.xml
@@ -15,9 +15,9 @@
     See the License for the specific language governing permissions and
     limitations under the License.
 -->
-<beans xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<beans xmlns="https://jakarta.ee/xml/ns/jakartaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="
-      http://xmlns.jcp.org/xml/ns/javaee
-      http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd"
+      https://jakarta.ee/xml/ns/jakartaee
+      https://jakarta.ee/xml/ns/jakartaee/beans_4_0.xsd"
     bean-discovery-mode="all">
 </beans>
diff --git a/failover-realm/src/main/webapp/WEB-INF/jboss-web.xml b/failover-realm/src/main/webapp/WEB-INF/jboss-web.xml
@@ -16,9 +16,10 @@
     limitations under the License.
 -->
 <!DOCTYPE jboss-web>
-<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.jboss.org/schema/jbossas
-    http://www.jboss.org/schema/jbossas/jboss-web_7_2.xsd">
-   <security-domain>httpSD</security-domain>
+<jboss-web xmlns="urn:jboss:jakartaee:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="
+      urn:jboss:jakartaee:1.0
+      https://www.jboss.org/schema/jbossas/jboss-web_15_0.xsd"
+    version="15.0">
+    <security-domain>httpSD</security-domain>
 </jboss-web>
diff --git a/failover-realm/src/main/webapp/WEB-INF/web.xml b/failover-realm/src/main/webapp/WEB-INF/web.xml
@@ -15,9 +15,13 @@
     See the License for the specific language governing permissions and
     limitations under the License.
 -->
-<web-app version="3.1">
-   <login-config>
-      <auth-method>BASIC</auth-method>
-      <realm-name>distributedRealmsUsers</realm-name>
-   </login-config>
+<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="
+      https://jakarta.ee/xml/ns/jakartaee
+      https://jakarta.ee/xml/ns/jakartaee/web-app_6_0.xsd"
+    version="6.0">
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>distributedRealmsUsers</realm-name>
+    </login-config>
 </web-app>