EncryptableSubsystemHelper.java

package org.infinispan.server.endpoint.subsystem;

import org.jboss.as.controller.ExpressionResolver;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceBuilder;

public class EncryptableSubsystemHelper {

   private EncryptableSubsystemHelper() {
   }

   static void processEncryption(ExpressionResolver context, ModelNode config, EncryptableService service, ServiceBuilder<?> builder) throws OperationFailedException {
      if (config.hasDefined(ModelKeys.ENCRYPTION) && config.get(ModelKeys.ENCRYPTION, ModelKeys.ENCRYPTION_NAME).isDefined()) {
         config = config.get(ModelKeys.ENCRYPTION, ModelKeys.ENCRYPTION_NAME);
         EndpointUtils.addSecurityRealmDependency(
               builder,
               EncryptionResource.SECURITY_REALM.resolveModelAttribute(context, config).asString(),
               service.getEncryptionSecurityRealm()
         );

         if(config.get(ModelKeys.SNI).isDefined()) {
            for(ModelNode sniConfiguration : config.get(ModelKeys.SNI).asList()) {
               // if the security realm is missing, a default one will be used
               ModelNode sni = sniConfiguration.get(0);
               if(sni.hasDefined(ModelKeys.SECURITY_REALM)) {
                  String sniHostName = SniResource.HOST_NAME.resolveModelAttribute(context, sni).asString();
                  String securityRealm = SniResource.SECURITY_REALM.resolveModelAttribute(context, sni).asString();
                  EndpointUtils.addSecurityRealmDependency(builder, securityRealm, service.getSniSecurityRealm(sniHostName));
               }
            }
         }
         service.setClientAuth(EncryptionResource.REQUIRE_SSL_CLIENT_AUTH.resolveModelAttribute(context, config).asBoolean());
      }
   }

}