nheron/kie-platform
nheron/kie-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

work on user security

Browse source
This commit is contained in:
Nicolas Héron 2019-11-14 11:30:34 +01:00
commit 31a7494361
14 changed files with 779 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

28
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-elytron-realm/README.md Normal file
View file

@ -0,0 +1,28 @@
Pymma kie realm for WildFly Elytron
=======================================
Simple demonstration security realm for WildFly Elytron providing one user identity "myadmin" with password "mypassword".
It support password verification only, so it can be used with plain-text authentication mechanisms like BASIC, PLAIN or FORM.
To support mechanisms like DIGEST or SCRAM you will need to implement credential acquirement too.
Usage
*****
Compile:
mvn package
Add the module into the WildFly:
bin/jboss-cli.sh
module add --name=com.pymmasoftware.kie-realm --resources=custom-realm-1.0.0.Alpha1-SNAPSHOT.jar --dependencies=org.wildfly.security.elytron,org.wildfly.extension.elytron
Add a custom-realm into the subsystem:
/subsystem=elytron/custom-realm=pymmaKieRealm:add(module=com.pymmasoftware.kie-realm, class-name=org.chtijbug.wildfly.realm.PymmaKieRealm, configuration={myAttribute="myValue"})
use it
/subsystem=elytron/security-domain=ApplicationDomain:list-add(name=realms, index=0, value={realm=pymmaKieRealm})
/subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=default-realm, value=pymmaKieRealm)
reload

85
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-elytron-realm/pom.xml Normal file
View file

@ -0,0 +1,85 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>drools-framework-kie-wb-parent</artifactId>
<groupId>com.pymmasoftware.jbpm</groupId>
<version>1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>drools-framework-elytron-realm</artifactId>
<dependencies>
<!-- interface SecurityRealm -->
<dependency>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron</artifactId>
<version>${version.org.wildfly.security.wildfly-elytron}</version>
</dependency>
<!-- interface Configurable -->
<dependency>
<groupId>org.wildfly.core</groupId>
<artifactId>wildfly-elytron-integration</artifactId>
<version>${version.org.wildfly.core}</version>
</dependency>
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver</artifactId>
<version>${version.mongodb.driver}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.6</version>
<executions>
<execution>
<id>copy</id>
<phase>package</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>mongodb-driver.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>bson</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>bson.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-core</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>mongodb-driver-core.jar</destFileName>
</artifactItem>
</artifactItems>
<outputDirectory>${project.build.directory}/</outputDirectory>
<overWriteReleases>true</overWriteReleases>
<overWriteSnapshots>true</overWriteSnapshots>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

129
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-elytron-realm/src/main/java/org/chtijbug/wildfly/realm/PymmaKieRealm.java Normal file
View file

@ -0,0 +1,129 @@
/*
* Copyright 2018 Red Hat, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.chtijbug.wildfly.realm;
import com.mongodb.MongoClientSettings;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoClients;
import com.mongodb.client.MongoDatabase;
import org.bson.codecs.configuration.CodecRegistry;
import org.bson.codecs.pojo.PojoCodecProvider;
import org.wildfly.extension.elytron.Configurable;
import org.wildfly.security.auth.SupportLevel;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.evidence.Evidence;
import org.wildfly.security.evidence.PasswordGuessEvidence;
import java.security.Principal;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import java.util.Map;
import static org.bson.codecs.configuration.CodecRegistries.fromProviders;
import static org.bson.codecs.configuration.CodecRegistries.fromRegistries;
/**
* Example of custom-realm for WildFly Elytron
* Realm providing one identity "myadmin" with password "mypassword"
*
* @author <a href="mailto:jkalina@redhat.com">Jan Kalina</a>
*/
public class PymmaKieRealm implements SecurityRealm, Configurable {
private String connectionString;
private String databaseName;
private MongoClient mongoClient;
CodecRegistry pojoCodecRegistry;
MongoDatabase database;
// receiving configuration from subsystem
public void initialize(Map<String, String> configuration) {
connectionString = configuration.get("connectionString");
databaseName = configuration.get("name");
System.out.println("PymmaKieRealm initialized with databaseName = " + connectionString );
mongoClient = MongoClients.create(connectionString);
pojoCodecRegistry = fromRegistries(MongoClientSettings.getDefaultCodecRegistry(),
fromProviders(PojoCodecProvider.builder().automatic(true).build()));
database = mongoClient.getDatabase(databaseName).withCodecRegistry(pojoCodecRegistry);
System.out.println("All setup");
}
// this realm does not allow acquiring credentials
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName,
AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException {
return SupportLevel.UNSUPPORTED;
}
// this realm will be able to verify password evidences only
public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)
throws RealmUnavailableException {
return PasswordGuessEvidence.class.isAssignableFrom(evidenceType) ? SupportLevel.POSSIBLY_SUPPORTED : SupportLevel.UNSUPPORTED;
}
public RealmIdentity getRealmIdentity(final Principal principal) throws RealmUnavailableException {
if ("myadmin".equals(principal.getName())) { // identity "myadmin" will have password "mypassword"
return new RealmIdentity() {
public Principal getRealmIdentityPrincipal() {
return principal;
}
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType,
String algorithmName, AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException {
return SupportLevel.UNSUPPORTED;
}
public <C extends Credential> C getCredential(Class<C> credentialType) throws RealmUnavailableException {
return null;
}
public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)
throws RealmUnavailableException {
return PasswordGuessEvidence.class.isAssignableFrom(evidenceType) ? SupportLevel.SUPPORTED : SupportLevel.UNSUPPORTED;
}
// evidence will be accepted if it is password "mypassword"
public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
if (evidence instanceof PasswordGuessEvidence) {
PasswordGuessEvidence guess = (PasswordGuessEvidence) evidence;
try {
return Arrays.equals("mypassword".toCharArray(), guess.getGuess());
} finally {
guess.destroy();
}
}
return false;
}
public boolean exists() throws RealmUnavailableException {
return true;
}
};
}
return RealmIdentity.NON_EXISTENT;
}
}

72
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-uberfire-security-service/pom.xml Normal file
View file

@ -0,0 +1,72 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>drools-framework-kie-wb-parent</artifactId>
<groupId>com.pymmasoftware.jbpm</groupId>
<version>1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>drools-framework-uberfire-security-service</artifactId>
<dependencies>
<dependency>
<groupId>org.uberfire</groupId>
<artifactId>uberfire-api</artifactId>
</dependency>
<dependency>
<groupId>org.uberfire</groupId>
<artifactId>uberfire-commons</artifactId>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-commons</artifactId>
</dependency>
<dependency>
<groupId>org.uberfire</groupId>
<artifactId>uberfire-security-management-api</artifactId>
</dependency>
<dependency>
<groupId>org.uberfire</groupId>
<artifactId>uberfire-security-management-backend</artifactId>
</dependency>
<dependency>
<groupId>javax.inject</groupId>
<artifactId>javax.inject</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-javax-enterprise</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-security-server</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-bus</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>javax.inject</groupId>
<artifactId>javax.inject</artifactId>
<version>1</version>
</dependency>
</dependencies>
</project>

122
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-uberfire-security-service/src/main/java/org/chtijbug/guvnor/uberfire/security/KiePlatformGroupManager.java Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.chtijbug.guvnor.uberfire.security;
import org.jboss.errai.security.shared.api.Group;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.commons.config.ConfigProperties;
import org.uberfire.ext.security.management.api.*;
import org.uberfire.ext.security.management.api.exception.SecurityManagementException;
import org.uberfire.ext.security.management.api.exception.UnsupportedServiceCapabilityException;
import org.uberfire.ext.security.management.impl.GroupManagerSettingsImpl;
import org.uberfire.ext.security.management.search.GroupsIdentifierRuntimeSearchEngine;
import org.uberfire.ext.security.management.search.IdentifierRuntimeSearchEngine;
import org.uberfire.ext.security.management.util.SecurityManagementUtils;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
/**
* <p>Groups manager service provider implementation for Apache tomcat, when using default realm based on properties files.</p>
* @since 0.8.0
*/
public class KiePlatformGroupManager implements GroupManager,
ContextualManager {
private static final Logger LOG = LoggerFactory.getLogger(KiePlatformGroupManager.class);
IdentifierRuntimeSearchEngine<Group> groupsSearchEngine;
public KiePlatformGroupManager() {
this(new ConfigProperties(System.getProperties()));
}
public KiePlatformGroupManager(final Map<String, String> gitPrefs) {
this(new ConfigProperties(gitPrefs));
}
public KiePlatformGroupManager(final ConfigProperties gitPrefs) {
// loadConfig(gitPrefs);
}
@Override
public void initialize(UserSystemManager userSystemManager) throws Exception {
groupsSearchEngine = new GroupsIdentifierRuntimeSearchEngine();
}
@Override
public void destroy() throws Exception {
}
@Override
public SearchResponse<Group> search(SearchRequest request) throws SecurityManagementException {
return null;
}
@Override
public Group get(String identifier) throws SecurityManagementException {
return null;
}
@Override
public Group create(Group entity) throws SecurityManagementException {
return null;
}
@Override
public Group update(Group entity) throws SecurityManagementException {
throw new UnsupportedServiceCapabilityException(Capability.CAN_UPDATE_GROUP);
}
@Override
public void delete(String... identifiers) throws SecurityManagementException {
}
@Override
public GroupManagerSettings getSettings() {
final Map<Capability, CapabilityStatus> capabilityStatusMap = new HashMap<Capability, CapabilityStatus>(8);
for (final Capability capability : SecurityManagementUtils.GROUPS_CAPABILITIES) {
capabilityStatusMap.put(capability,
getCapabilityStatus(capability));
}
return new GroupManagerSettingsImpl(capabilityStatusMap,
true);
}
protected CapabilityStatus getCapabilityStatus(Capability capability) {
if (capability != null) {
switch (capability) {
case CAN_SEARCH_GROUPS:
case CAN_ADD_GROUP:
case CAN_READ_GROUP:
case CAN_DELETE_GROUP:
return CapabilityStatus.ENABLED;
}
}
return CapabilityStatus.UNSUPPORTED;
}
@Override
public void assignUsers(String name,
Collection<String> users) throws SecurityManagementException {
}
}

37
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-uberfire-security-service/src/main/java/org/chtijbug/guvnor/uberfire/security/KiePlatformSecurityService.java Normal file
View file

@ -0,0 +1,37 @@
package org.chtijbug.guvnor.uberfire.security;
import org.uberfire.ext.security.management.UberfireRoleManager;
import org.uberfire.ext.security.management.api.GroupManager;
import org.uberfire.ext.security.management.api.UserManager;
import org.uberfire.ext.security.management.service.AbstractUserManagementService;
import javax.enterprise.context.Dependent;
import javax.inject.Inject;
import javax.inject.Named;
@Dependent
@Named(value = "TomcatUserManagementService")
public class KiePlatformSecurityService extends AbstractUserManagementService {
KiePlatformUserManager userManager;
KiePlatformGroupManager groupManager;
@Inject
public KiePlatformSecurityService(final KiePlatformUserManager userManager,
final KiePlatformGroupManager groupManager,
final @Named("uberfireRoleManager") UberfireRoleManager roleManager) {
super(roleManager);
this.userManager = userManager;
this.groupManager = groupManager;
}
@Override
public UserManager users() {
return new KiePlatformUserManager();
}
@Override
public GroupManager groups() {
return new KiePlatformGroupManager();
}
}

163
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-uberfire-security-service/src/main/java/org/chtijbug/guvnor/uberfire/security/KiePlatformUserManager.java Normal file
View file

@ -0,0 +1,163 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.chtijbug.guvnor.uberfire.security;
import org.jboss.errai.security.shared.api.identity.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.commons.config.ConfigProperties;
import org.uberfire.ext.security.management.api.*;
import org.uberfire.ext.security.management.api.exception.SecurityManagementException;
import org.uberfire.ext.security.management.impl.UserManagerSettingsImpl;
import org.uberfire.ext.security.management.search.IdentifierRuntimeSearchEngine;
import org.uberfire.ext.security.management.search.UsersIdentifierRuntimeSearchEngine;
import org.uberfire.ext.security.management.util.SecurityManagementUtils;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import static org.kie.soup.commons.validation.PortablePreconditions.checkNotNull;
/**
* <p>Users manager service provider implementation for Apache tomcat, when using default realm based on properties files.</p>
*
* @since 0.8.0
*/
public class KiePlatformUserManager implements UserManager,
ContextualManager {
private static final Logger LOG = LoggerFactory.getLogger(KiePlatformUserManager.class);
UserSystemManager userSystemManager;
IdentifierRuntimeSearchEngine<User> usersSearchEngine;
public KiePlatformUserManager() {
this(new ConfigProperties(System.getProperties()));
}
public KiePlatformUserManager(final Map<String, String> gitPrefs) {
this(new ConfigProperties(gitPrefs));
}
public KiePlatformUserManager(final ConfigProperties gitPrefs) {
//loadConfig(gitPrefs);
}
@Override
public void initialize(final UserSystemManager userSystemManager) throws Exception {
this.userSystemManager = userSystemManager;
usersSearchEngine = new UsersIdentifierRuntimeSearchEngine();
}
@Override
public void destroy() throws Exception {
}
@Override
public SearchResponse<User> search(SearchRequest request) throws SecurityManagementException {
return null;
}
@Override
public User get(String identifier) throws SecurityManagementException {
return null;
}
@Override
public User create(User entity) throws SecurityManagementException {
return null;
}
@Override
public User update(User entity) throws SecurityManagementException {
return null;
}
@Override
public void delete(String... identifiers) throws SecurityManagementException {
checkNotNull("identifiers",
identifiers);
}
@Override
public UserManagerSettings getSettings() {
final Map<Capability, CapabilityStatus> capabilityStatusMap = new HashMap<Capability, CapabilityStatus>(8);
for (final Capability capability : SecurityManagementUtils.USERS_CAPABILITIES) {
capabilityStatusMap.put(capability,
getCapabilityStatus(capability));
}
return new UserManagerSettingsImpl(capabilityStatusMap,
null);
}
@Override
public void assignGroups(String username,
Collection<String> groups) throws SecurityManagementException {
Set<String> userRoles = SecurityManagementUtils.rolesToString(SecurityManagementUtils.getRoles(userSystemManager,
username));
userRoles.addAll(groups);
doAssignGroups(username,
userRoles);
}
@Override
public void assignRoles(String username,
Collection<String> roles) throws SecurityManagementException {
Set<String> userGroups = SecurityManagementUtils.groupsToString(SecurityManagementUtils.getGroups(userSystemManager,
username));
userGroups.addAll(roles);
doAssignGroups(username,
userGroups);
}
private void doAssignGroups(String username,
Collection<String> ids) throws SecurityManagementException {
}
@Override
public void changePassword(String username,
String newPassword) throws SecurityManagementException {
checkNotNull("username",
username);
}
protected CapabilityStatus getCapabilityStatus(Capability capability) {
if (capability != null) {
switch (capability) {
case CAN_SEARCH_USERS:
case CAN_ADD_USER:
case CAN_UPDATE_USER:
case CAN_DELETE_USER:
case CAN_READ_USER:
case CAN_MANAGE_ATTRIBUTES:
case CAN_ASSIGN_GROUPS:
/** As it is using the UberfireRoleManager. **/
case CAN_ASSIGN_ROLES:
case CAN_CHANGE_PASSWORD:
return CapabilityStatus.ENABLED;
}
}
return CapabilityStatus.UNSUPPORTED;
}
}

0
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/drools-framework-uberfire-security-service/src/main/resources/META-INF/beans.xml Normal file
View file

108
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/kie-wb/pom.xml
View file

@ -38,6 +38,13 @@
</exclusion> </exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>com.pymmasoftware.jbpm</groupId>
<artifactId>drools-framework-elytron-realm</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
</dependencies> </dependencies>
@ -89,6 +96,8 @@
<overWriteReleases>false</overWriteReleases> <overWriteReleases>false</overWriteReleases>
<overWriteSnapshots>false</overWriteSnapshots> <overWriteSnapshots>false</overWriteSnapshots>
<overWriteIfNewer>true</overWriteIfNewer> <overWriteIfNewer>true</overWriteIfNewer>
<excludeArtifactIds>drools-framework-elytron-realm</excludeArtifactIds>
<includeGroupIds>com.pymmasoftware.jbpm</includeGroupIds>
</configuration> </configuration>
</execution> </execution>
</executions> </executions>
@ -141,7 +150,63 @@
</archive> </archive>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.6</version>
<executions>
<execution>
<id>copy</id>
<phase>package</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>com.pymmasoftware.jbpm</groupId>
<artifactId>drools-framework-elytron-realm</artifactId>
<version>${project.version}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>pymma-kie-elytron.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>mongodb-driver.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>bson</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>bson.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-core</artifactId>
<version>${version.mongodb.driver}</version>
<type>jar</type>
<overWrite>yes</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>mongodb-driver-core.jar</destFileName>
</artifactItem>
</artifactItems>
<outputDirectory>${project.build.directory}/</outputDirectory>
<overWriteReleases>true</overWriteReleases>
<overWriteSnapshots>true</overWriteSnapshots>
</configuration>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</build> </build>
<profiles> <profiles>
@ -168,9 +233,43 @@
<build> <build>
<dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir> <dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
<!--copies Jar to the maven directory (uses Assembly system)-->
<!--copies Jar to the maven directory (uses Assembly system)--> <!--copies Jar to the maven directory (uses Assembly system)-->
<assembly> <assembly>
<descriptorRef>artifact</descriptorRef> <mode>dir</mode>
<name>maven/</name>
<inline xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
<id>middleware-rest</id>
<files>
<file>
<source>${project.build.directory}/kie-wb.war</source>
<outputDirectory>./</outputDirectory>
<destName>kie-wb.war</destName>
</file>
<file>
<source>${project.build.directory}/pymma-kie-elytron.jar</source>
<outputDirectory>./</outputDirectory>
<destName>pymma-kie-elytron.jar</destName>
</file>
<file>
<source>${project.build.directory}/bson.jar</source>
<outputDirectory>./</outputDirectory>
<destName>bson.jar</destName>
</file>
<file>
<source>${project.build.directory}/mongodb-driver-core.jar</source>
<outputDirectory>./</outputDirectory>
<destName>mongodb-driver-core.jar</destName>
</file>
<file>
<source>${project.build.directory}/mongodb-driver.jar</source>
<outputDirectory>./</outputDirectory>
<destName>mongodb-driver.jar</destName>
</file>
</files>
</inline>
</assembly> </assembly>
<tags> <tags>
<tag>latest</tag> <tag>latest</tag>
@ -242,6 +341,11 @@
<outputDirectory>./</outputDirectory> <outputDirectory>./</outputDirectory>
<destName>kie-wb.war</destName> <destName>kie-wb.war</destName>
</file> </file>
<file>
<source>${project.build.directory}/pymma-kie-elytron.jar</source>
<outputDirectory>./</outputDirectory>
<destName>pymma-kie-elytron.jar</destName>
</file>
</files> </files>
</inline> </inline>
</assembly> </assembly>

11
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/kie-wb/src/main/docker/Dockerfile
View file

@ -21,8 +21,17 @@ ENV CHTIJBUG_VERSION 2.0.10
ENV KIE_DEMO false ENV KIE_DEMO false
ENV JAVA_OPTS -Xms256m -Xmx4512m ENV JAVA_OPTS -Xms256m -Xmx4512m
####### Pymma Kie Realm #########
##com.pymmasoftware.kie-realm
RUN mkdir /opt/jboss/wildfly/modules/com
RUN mkdir /opt/jboss/wildfly/modules/com/pymmasoftware
RUN mkdir /opt/jboss/wildfly/modules/com/pymmasoftware/kie-realm
RUN mkdir /opt/jboss/wildfly/modules/com/pymmasoftware/kie-realm/main
ADD maven/pymma-kie-elytron.jar /opt/jboss/wildfly/modules/com/pymmasoftware/kie-realm/main/pymma-kie-elytron.jar
ADD etc/module.xml /opt/jboss/wildfly/modules/com/pymmasoftware/kie-realm/main/module.xml
####### DROOLS-WB ############ ####### DROOLS-WB ############
ADD maven/kie-wb.war /opt/jboss/wildfly/standalone/deployments/$KIE_CONTEXT_PATH.war ADD maven/kie-wb.war /opt/jboss/wildfly/standalone/deployments/$KIE_CONTEXT_PATH.war
@ -38,7 +47,7 @@ ADD maven/kie-wb.war /opt/jboss/wildfly/standalone/deployments/$KIE_CONTEXT_PAT
USER root USER root
ADD etc/start_drools-wb.sh $JBOSS_HOME/bin/start_drools-wb.sh ADD etc/start_drools-wb.sh $JBOSS_HOME/bin/start_drools-wb.sh
RUN chown jboss:jboss $JBOSS_HOME/bin/start_drools-wb.sh RUN chown jboss:jboss $JBOSS_HOME/bin/start_drools-wb.sh
RUN chown -R jboss:jboss /opt/jboss/wildfly/modules/com/pymmasoftware
####### ENVIRONMENT ############ ####### ENVIRONMENT ############

16
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/kie-wb/src/main/docker/etc/module.xml Normal file
View file

@ -0,0 +1,16 @@
<?xml version='1.0' encoding='UTF-8'?>
<module xmlns="urn:jboss:module:1.1" name="com.pymmasoftware.kie-realm">
<resources>
<resource-root path="pymma-kie-elytron.jar"/>
<resource-root path="bson.jar"/>
<resource-root path="mongodb-driver-core.jar"/>
<resource-root path="mongodb-driver.jar"/>
</resources>
<dependencies>
<module name="org.wildfly.security.elytron"/>
<module name="org.wildfly.extension.elytron"/>
</dependencies>
</module>

6
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/kie-wb/src/main/docker/etc/standalone-full-drools.xml
View file

@ -251,6 +251,12 @@
</security-domain> </security-domain>
</security-domains> </security-domains>
<security-realms> <security-realms>
<custom-realm name="pymmaKieRealm" module="com.pymmasoftware.kie-realm" class-name="org.chtijbug.wildfly.realm.PymmaKieRealm">
<configuration>
<property name="connectionString" value="mongodb://mongodb:27017"/>
<property name="name" value="businessProxyDB"/>
</configuration>
</custom-realm>
<identity-realm name="local" identity="$local"/> <identity-realm name="local" identity="$local"/>
<properties-realm name="ApplicationRealm"> <properties-realm name="ApplicationRealm">
<users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/> <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>

2
drools-framework-base-tools-parent/drools-framework-kie-wb-parent/pom.xml
View file

@ -14,6 +14,8 @@
<module>kie-wb</module> <module>kie-wb</module>
<module>kie-drools-framework-rest-backend</module> <module>kie-drools-framework-rest-backend</module>
<module>drools-framework-kie-wb-rest-pojo</module> <module>drools-framework-kie-wb-rest-pojo</module>
<module>drools-framework-uberfire-security-service</module>
<module>drools-framework-elytron-realm</module>
</modules> </modules>
<dependencyManagement> <dependencyManagement>

3
pom.xml
View file

@ -30,6 +30,9 @@
<version.thorntail>2.2.1.Final</version.thorntail> <version.thorntail>2.2.1.Final</version.thorntail>
<!--registry.host>registry.hub.docker.com/pymmasoftware</registry.host--> <!--registry.host>registry.hub.docker.com/pymmasoftware</registry.host-->
<registry.host>192.168.1.122:18083</registry.host> <registry.host>192.168.1.122:18083</registry.host>
<version.org.wildfly.security.wildfly-elytron>1.2.3.Final</version.org.wildfly.security.wildfly-elytron>
<version.org.wildfly.core>4.0.0.Final</version.org.wildfly.core>
<version.mongodb.driver>3.8.2</version.mongodb.driver>
<version.number>${git.commit.time}.${git.commit.id.abbrev}</version.number> <version.number>${git.commit.time}.${git.commit.id.abbrev}</version.number>
</properties> </properties>
<profiles> <profiles>