Design Notes for Elytron subsystem configuration in HAL

Version 1

    Goal

     

    Add support in HAL to configure Elytron subsystem (address /subsystem=elytron).

     

    Info

     

    HAL jira [HAL-1186] Add support for Elytron configuration to HAL - JBoss Issue Tracker

     

    Dev contact: Claudio Miranda claudio .at. redhat.com

     

    List of resources

     

    There are many child resources and they must be grouped, so this is the list of resources and its group name

     

    * Role Mapper

    add-prefix-role-mapper

    add-suffix-role-mapper

    aggregate-role-mapper

    constant-role-mapper

    custom-role-mapper

    logical-role-mapper

     

    * Decoder

      Principal Decoder

    aggregate-principal-decoder

    concatenating-principal-decoder

    constant-principal-decoder

    custom-principal-decoder

    x500-attribute-principal-decoder

     

      Role Decoder

    custom-role-decoder

    empty-role-decoder

    simple-role-decoder

     

    * Factory

    aggregate-http-server-mechanism-factory

    aggregate-sasl-server-factory

    configurable-http-server-mechanism-factory

    configurable-sasl-server-factory

    custom-credential-security-factory

    http-authentication-factory

    kerberos-security-factory

    mechanism-provider-filtering-sasl-server-factory

    provider-http-server-mechanism-factory

    provider-sasl-server-factory

    sasl-authentication-factory

    service-loader-http-server-mechanism-factory

    service-loader-sasl-server-factory

     

    * Realm

    aggregate-realm

    filesystem-realm

    jdbc-realm

    properties-realm

    key-store-realm

    ldap-realm

    custom-modifiable-realm

    custom-realm

     

      Realm Mapper

    custom-realm-mapper

    mapped-regex-realm-mapper

    simple-regex-realm-mapper

     

    * Rewriter

    aggregate-name-rewriter

    chained-name-rewriter

    constant-name-rewriter

    custom-name-rewriter

    regex-name-validating-rewriter

    regex-name-rewriter

     

    * Permission Mapper

    custom-permission-mapper

    logical-permission-mapper

    simple-permission-mapper

     

    * SSL

    key-managers

    key-store

    provider-loader

    server-ssl-context

    trust-managers

     

    * Security Domain

    security-domain

    security-property

     

    * LDAP Connection

    dir-context

     

    There is

     

    UI organization

     

    From a UI perspective, HAL already contains layouts and panels to organize resources, see EJB subsystem for an example of a subsystem with many resources.

     

    The elytron subsystem will be organized in Tabs and Pages

     

    The Tabs are: SSL, Security Domain, Factory, Security Realm, Decoder,

     

    The pages are like vertical tabs, there will be a page for each resource.

     

    More details will be explained as the analysis is performed.