Refine search
private AccessLogDefinition() { super(new Parameters(UndertowExtension.PATH_ACCESS_LOG, UndertowExtension.getResolver(Constants.ACCESS_LOG)) .setAddHandler(AccessLogAdd.INSTANCE) .setRemoveHandler(AccessLogRemove.INSTANCE) .setCapabilities(ACCESS_LOG_CAPABILITY) ); SensitivityClassification sc = new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, "web-access-log", false, false, false); this.accessConstraints = new SensitiveTargetAccessConstraintDefinition(sc).wrapAsList(); }
@Override public List<AccessConstraintDefinition> getAccessConstraints() { return ModClusterExtension.MOD_CLUSTER_SECURITY_DEF.wrapAsList(); }
private ApplicationSecurityDomainDefinition() { this((Parameters) new Parameters(UndertowExtension.PATH_APPLICATION_SECURITY_DOMAIN, UndertowExtension.getResolver(Constants.APPLICATION_SECURITY_DOMAIN)) .setCapabilities(APPLICATION_SECURITY_DOMAIN_RUNTIME_CAPABILITY) .addAccessConstraints(new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN, false, false, false)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN))) , new AddHandler()); }
private SystemPropertyResourceDefinition(Location location, ProcessEnvironmentSystemPropertyUpdater systemPropertyUpdater, boolean useBoottime) { super(PATH, new ReplaceResourceNameResourceDescriptionResolver(location, SYSTEM_PROPERTY), new SystemPropertyAddHandler(systemPropertyUpdater, useBoottime, useBoottime ? ALL_ATTRIBUTES : SERVER_ATTRIBUTES), new SystemPropertyRemoveHandler(systemPropertyUpdater)); this.systemPropertyUpdater = systemPropertyUpdater; this.useBoottime = useBoottime; AccessConstraintDefinition acd = new SensitiveTargetAccessConstraintDefinition(SensitivityClassification.SYSTEM_PROPERTY); sensitivity = Collections.singletonList(acd); }
private boolean isSensitiveResource(TargetResource target, Action.ActionEffect effect) { for (AccessConstraintDefinition constraintDefinition : target.getAccessConstraints()) { if (constraintDefinition instanceof SensitiveTargetAccessConstraintDefinition) { SensitiveTargetAccessConstraintDefinition stcd = (SensitiveTargetAccessConstraintDefinition) constraintDefinition; SensitivityClassification sensitivity = stcd.getSensitivity(); if (sensitivity.isSensitive(effect)) { return true; } } } return false; }
@Override public List<AccessConstraintDefinition> getAccessConstraints() { return MODESHAPE_SECURITY_DEF.wrapAsList(); } }
private ApplicationSecurityDomainDefinition() { this(new Parameters(PathElement.pathElement(EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN), EJB3Extension.getResourceDescriptionResolver(EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN)) .setCapabilities(APPLICATION_SECURITY_DOMAIN_RUNTIME_CAPABILITY) .addAccessConstraints(new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(EJB3Extension.SUBSYSTEM_NAME, EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN, false, false, false)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(EJB3Extension.SUBSYSTEM_NAME, EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN))) , new AddHandler()); }
private SystemPropertyResourceDefinition(Location location, ProcessEnvironmentSystemPropertyUpdater systemPropertyUpdater, boolean useBoottime) { super(new Parameters(PATH, new ReplaceResourceNameResourceDescriptionResolver(location, SYSTEM_PROPERTY)) .setAddHandler(new SystemPropertyAddHandler(systemPropertyUpdater, useBoottime ? ALL_ATTRIBUTES : SERVER_ATTRIBUTES)) .setRemoveHandler(new SystemPropertyRemoveHandler(systemPropertyUpdater)) .setAccessConstraints(new SensitiveTargetAccessConstraintDefinition(SensitivityClassification.SYSTEM_PROPERTY))); this.systemPropertyUpdater = systemPropertyUpdater; this.useBoottime = useBoottime; }
private boolean isSensitiveAction(Action action, Action.ActionEffect effect) { for (AccessConstraintDefinition constraintDefinition : action.getAccessConstraints()) { if (constraintDefinition instanceof SensitiveTargetAccessConstraintDefinition) { SensitiveTargetAccessConstraintDefinition stcd = (SensitiveTargetAccessConstraintDefinition) constraintDefinition; SensitivityClassification sensitivity = stcd.getSensitivity(); if (sensitivity.isSensitive(effect)) { return true; } } } return false; }
private AccessLogDefinition() { super(new Parameters(UndertowExtension.PATH_ACCESS_LOG, UndertowExtension.getResolver(Constants.ACCESS_LOG)) .setAddHandler(AccessLogAdd.INSTANCE) .setRemoveHandler(AccessLogRemove.INSTANCE) .setCapabilities(ACCESS_LOG_CAPABILITY) ); SensitivityClassification sc = new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, "web-access-log", false, false, false); this.accessConstraints = new SensitiveTargetAccessConstraintDefinition(sc).wrapAsList(); }
@Override public List<AccessConstraintDefinition> getAccessConstraints() { return ModClusterExtension.MOD_CLUSTER_SECURITY_DEF.wrapAsList(); }
BasicResourceDefinition(String pathKey, ResourceDescriptionResolver resourceDescriptionResolver, AbstractAddStepHandler add, AttributeDefinition[] attributes, RuntimeCapability<?>... runtimeCapabilities) { super(new Parameters(PathElement.pathElement(pathKey), resourceDescriptionResolver) .setAddHandler(add) .setRemoveHandler(new ServiceRemoveStepHandler(add, runtimeCapabilities)) .setAddRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES) .setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES) .setCapabilities(runtimeCapabilities) .addAccessConstraints(new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(SecurityExtension.SUBSYSTEM_NAME, Constants.ELYTRON_SECURITY, true, true, true)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(SecurityExtension.SUBSYSTEM_NAME, Constants.ELYTRON_SECURITY, false)))); this.pathKey = pathKey; this.firstCapability = runtimeCapabilities[0]; this.attributes = attributes; }
private SystemPropertyResourceDefinition(Location location, ProcessEnvironmentSystemPropertyUpdater systemPropertyUpdater, boolean useBoottime) { super(new Parameters(PATH, new ReplaceResourceNameResourceDescriptionResolver(location, SYSTEM_PROPERTY)) .setAddHandler(new SystemPropertyAddHandler(systemPropertyUpdater, useBoottime ? ALL_ATTRIBUTES : SERVER_ATTRIBUTES)) .setRemoveHandler(new SystemPropertyRemoveHandler(systemPropertyUpdater)) .setAccessConstraints(new SensitiveTargetAccessConstraintDefinition(SensitivityClassification.SYSTEM_PROPERTY))); this.systemPropertyUpdater = systemPropertyUpdater; this.useBoottime = useBoottime; }
private boolean isSensitiveAction(Action action, Action.ActionEffect effect) { for (AccessConstraintDefinition constraintDefinition : action.getAccessConstraints()) { if (constraintDefinition instanceof SensitiveTargetAccessConstraintDefinition) { SensitiveTargetAccessConstraintDefinition stcd = (SensitiveTargetAccessConstraintDefinition) constraintDefinition; SensitivityClassification sensitivity = stcd.getSensitivity(); if (sensitivity.isSensitive(effect)) { return true; } } } return false; }
private AccessLogDefinition() { super(new Parameters(UndertowExtension.PATH_ACCESS_LOG, UndertowExtension.getResolver(Constants.ACCESS_LOG)) .setAddHandler(AccessLogAdd.INSTANCE) .setRemoveHandler(AccessLogRemove.INSTANCE) .setCapabilities(ACCESS_LOG_CAPABILITY) ); SensitivityClassification sc = new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, "web-access-log", false, false, false); this.accessConstraints = new SensitiveTargetAccessConstraintDefinition(sc).wrapAsList(); }
private NativeManagementResourceDefinition() { super(RESOURCE_PATH, ServerDescriptions.getResourceDescriptionResolver("core.management.native-interface"), NativeManagementAddHandler.INSTANCE, NativeManagementRemoveHandler.INSTANCE, OperationEntry.Flag.RESTART_NONE, OperationEntry.Flag.RESTART_NONE); this.accessConstraints = SensitiveTargetAccessConstraintDefinition.MANAGEMENT_INTERFACES.wrapAsList(); }
private ApplicationSecurityDomainDefinition() { this((Parameters) new Parameters(UndertowExtension.PATH_APPLICATION_SECURITY_DOMAIN, UndertowExtension.getResolver(Constants.APPLICATION_SECURITY_DOMAIN)) .setCapabilities(APPLICATION_SECURITY_DOMAIN_RUNTIME_CAPABILITY) .addAccessConstraints(new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN, false, false, false)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN))) , new AddHandler()); }
private boolean isSensitiveAction(Action action, Action.ActionEffect effect) { for (AccessConstraintDefinition constraintDefinition : action.getAccessConstraints()) { if (constraintDefinition instanceof SensitiveTargetAccessConstraintDefinition) { SensitiveTargetAccessConstraintDefinition stcd = (SensitiveTargetAccessConstraintDefinition) constraintDefinition; SensitivityClassification sensitivity = stcd.getSensitivity(); if (sensitivity.isSensitive(effect)) { return true; } } } return false; }
private HttpManagementResourceDefinition() { super(RESOURCE_PATH, ServerDescriptions.getResourceDescriptionResolver("core.management.http-interface"), HttpManagementAddHandler.INSTANCE, HttpManagementRemoveHandler.INSTANCE, OperationEntry.Flag.RESTART_NONE, OperationEntry.Flag.RESTART_NONE); this.accessConstraints = SensitiveTargetAccessConstraintDefinition.MANAGEMENT_INTERFACES.wrapAsList(); }
private ApplicationSecurityDomainDefinition() { this((Parameters) new Parameters(UndertowExtension.PATH_APPLICATION_SECURITY_DOMAIN, UndertowExtension.getResolver(Constants.APPLICATION_SECURITY_DOMAIN)) .setCapabilities(APPLICATION_SECURITY_DOMAIN_RUNTIME_CAPABILITY) .addAccessConstraints(new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN, false, false, false)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(UndertowExtension.SUBSYSTEM_NAME, Constants.APPLICATION_SECURITY_DOMAIN))) , new AddHandler()); }