[WFCORE-7058]: CachingRealm should start lazily in admin only mode.

* updating the start mode to LAZY if the server is in admin-mode * adding a proper error message if the caching realm service is not UP when the user tries to clear the cache. Issue: https://issues.redhat.com/browse/WFCORE-7058 Signed-off-by: Emmanuel Hugonnet <[email protected]>
wildfly · Nov 19, 2024 · 1e8448c · 1e8448c
1 parent b7f831e
commit 1e8448c
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/CachingRealmDefinition.java b/elytron/src/main/java/org/wildfly/extension/elytron/CachingRealmDefinition.java
@@ -17,6 +17,7 @@
 import org.jboss.as.controller.PathAddress;
 import org.jboss.as.controller.PathElement;
 import org.jboss.as.controller.ResourceDefinition;
+import org.jboss.as.controller.RunningMode;
 import org.jboss.as.controller.SimpleAttributeDefinition;
 import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
 import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
@@ -30,7 +31,6 @@
 import org.jboss.msc.inject.Injector;
 import org.jboss.msc.service.ServiceBuilder;
 import org.jboss.msc.service.ServiceController;
-import org.jboss.msc.service.ServiceController.Mode;
 import org.jboss.msc.service.ServiceName;
 import org.jboss.msc.service.ServiceRegistry;
 import org.jboss.msc.service.ServiceTarget;
@@ -117,7 +117,7 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
             ServiceBuilder<SecurityRealm> serviceBuilder = serviceTarget.addService(realmName, createService(cacheableRealm, maxEntries, maxAge, cacheableRealmValue));
 
             addRealmDependency(context, serviceBuilder, cacheableRealm, cacheableRealmValue);
-            commonDependencies(serviceBuilder).setInitialMode(Mode.ACTIVE).install();
+            commonDependencies(serviceBuilder).setInitialMode(context.getRunningMode() == RunningMode.ADMIN_ONLY ? ServiceController.Mode.LAZY : ServiceController.Mode.ACTIVE).install();
         }
 
         private TrivialService<SecurityRealm> createService(String realmName, int maxEntries, long maxAge, InjectedValue<SecurityRealm> injector) {
@@ -170,6 +170,9 @@ protected void executeRuntimeStep(final OperationContext context, final ModelNod
             RuntimeCapability<Void> runtimeCapability = SECURITY_REALM_RUNTIME_CAPABILITY.fromBaseCapability(currentAddress.getLastElement().getValue());
             ServiceName realmName = runtimeCapability.getCapabilityServiceName();
             ServiceController<SecurityRealm> serviceController = getRequiredService(serviceRegistry, realmName, SecurityRealm.class);
+            if(serviceController.getState() != ServiceController.State.UP) {
+                throw ElytronSubsystemMessages.ROOT_LOGGER.cachedRealmServiceNotAvailable();
+            }
             CachingSecurityRealm securityRealm = CachingSecurityRealm.class.cast(serviceController.getValue());
             securityRealm.removeAllFromCache();
         }

diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java b/elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java
@@ -341,6 +341,9 @@ public interface ElytronSubsystemMessages extends BasicLogger {
     @Message(id = 49, value = "Entry is not defined.")
     StartException jaasEntryNotDefined();
 
+    @Message(id = 50, value = "The realm is not available. You can't flush the cache.")
+    OperationFailedException cachedRealmServiceNotAvailable();
+
     /*
      * Credential Store Section.
      */