[wildfly-dev] Subsystem Hierarchy

Jean-Francois Denise jdenise at redhat.com
Wed Sep 28 11:44:43 EDT 2016 

Daran,

I have looked at the /subsystem=elytron content. From this long list it 
is difficult to extract use cases.

Grouping the resources (as Claudio did) in a way that reflects your 
object model 
(https://docs.jboss.org/author/display/WFLY/WildFly+Elytron+Security) 
can help. Thinking at various administrator use cases (that would 
activate multiple resources in sequential steps) could help define the 
best security related CLI commands.

I guess that we would not expose commands for everything but if we cover 
the main actions, the low level operation support (with completion for 
capabilities) would help handle the missing pieces.

I am available if you are ready to teach me a bit ;-).

Thanks.

JF


On 28/09/16 17:20, Claudio Miranda wrote:
> On Wed, Sep 28, 2016 at 9:53 AM, Harald Pehl <hpehl at redhat.com> wrote:
>> More important to me is a logical grouping of resources which belong
>> together. This should be reflected in both the documentation and in HAL.
> This is the grouping I did, suggestions are welcome
>
> * Role Mapper
> add-prefix-role-mapper
> add-suffix-role-mapper
> aggregate-role-mapper
> constant-role-mapper
> custom-role-mapper
> logical-role-mapper
>
> * Decoder
> aggregate-principal-decoder
> concatenating-principal-decoder
> constant-principal-decoder
> custom-principal-decoder
> x500-attribute-principal-decoder
> custom-role-decoder
> empty-role-decoder
> simple-role-decoder
>
> * Factory
> aggregate-http-server-mechanism-factory
> aggregate-sasl-server-factory
> configurable-http-server-mechanism-factory
> configurable-sasl-server-factory
> custom-credential-security-factory
> http-authentication-factory
> kerberos-security-factory
> mechanism-provider-filtering-sasl-server-factory
> provider-http-server-mechanism-factory
> provider-sasl-server-factory
> sasl-authentication-factory
> service-loader-http-server-mechanism-factory
> service-loader-sasl-server-factory
>
> * Realm
> properties-realm
> filesystem-realm
> jdbc-realm
> ldap-realm
> key-store-realm
> aggregate-realm
> custom-modifiable-realm
> custom-realm
> custom-realm-mapper
> mapped-regex-realm-mapper
> simple-regex-realm-mapper
>
> * Rewriter
> aggregate-name-rewriter
> chained-name-rewriter
> constant-name-rewriter
> custom-name-rewriter
> regex-name-validating-rewriter
> regex-name-rewriter
>
> * Permission Mapper
> custom-permission-mapper
> logical-permission-mapper
> simple-permission-mapper
>
> * SSL
> key-managers
> key-store
> provider-loader
> server-ssl-context
> trust-managers
>
> * Security Domain
> security-domain
> security-property
>
> * LDAP Connection
> dir-context
>
>

More information about the wildfly-dev mailing list