@Override
public void tearDown(ManagementClient managementClient) throws Exception {
final ModelControllerClient client = managementClient.getControllerClient();
ModelNode operation =
createOpNode(
"core-service=management/management-interface=native-interface",
ModelDescriptionConstants.REMOVE);
CoreUtils.applyUpdate(operation, client);
operation =
createOpNode(
"socket-binding-group=standard-sockets/socket-binding=management-native",
ModelDescriptionConstants.REMOVE);
CoreUtils.applyUpdate(operation, client);
FileUtils.deleteDirectory(WORK_DIR);
}
public void setup(ManagementClient managementClient) throws Exception {
// create key and trust stores with imported certificates from opposing sides
FileUtils.deleteDirectory(WORK_DIR);
WORK_DIR.mkdirs();
CoreUtils.createKeyMaterial(WORK_DIR);
// create jboss-cli.xml files with valid/invalid keystore certificates
FileUtils.write(
TRUSTED_JBOSS_CLI_FILE,
CoreUtils.propertiesReplacer(
JBOSS_CLI_FILE,
CLIENT_KEYSTORE_FILE,
CLIENT_TRUSTSTORE_FILE,
SecurityTestConstants.KEYSTORE_PASSWORD));
FileUtils.write(
UNTRUSTED_JBOSS_CLI_FILE,
CoreUtils.propertiesReplacer(
JBOSS_CLI_FILE,
UNTRUSTED_KEYSTORE_FILE,
CLIENT_TRUSTSTORE_FILE,
SecurityTestConstants.KEYSTORE_PASSWORD));
final ModelControllerClient client = managementClient.getControllerClient();
// secure http interface
ModelNode operation =
createOpNode(
"core-service=management/management-interface=http-interface",
ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION);
operation.get(NAME).set("security-realm");
operation.get(VALUE).set(MANAGEMENT_NATIVE_REALM);
CoreUtils.applyUpdate(operation, client);
operation =
createOpNode(
"core-service=management/management-interface=http-interface",
ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION);
operation.get(NAME).set("secure-socket-binding");
operation.get(VALUE).set("management-https");
CoreUtils.applyUpdate(operation, client);
// add native socket binding
operation =
createOpNode(
"socket-binding-group=standard-sockets/socket-binding=management-native",
ModelDescriptionConstants.ADD);
operation.get("port").set(MANAGEMENT_NATIVE_PORT);
operation.get("interface").set("management");
CoreUtils.applyUpdate(operation, client);
// create native interface to control server while http interface
// will be secured
operation =
createOpNode(
"core-service=management/management-interface=native-interface",
ModelDescriptionConstants.ADD);
operation.get("security-realm").set("ManagementRealm");
operation.get("socket-binding").set("management-native");
CoreUtils.applyUpdate(operation, client);
}