[WFCORE-5101] Use ActiveSessionsSSLContext instead of DynamicSSLConte…

…xt to avoid dependency on unsupported module
wildfly · Mar 21, 2024 · 8cabe0b · 8cabe0b
1 parent eb39ba3
commit 8cabe0b
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/elytron/src/main/java/org/wildfly/extension/elytron/SSLContextResource.java b/elytron/src/main/java/org/wildfly/extension/elytron/SSLContextResource.java
@@ -21,7 +21,7 @@
 import org.jboss.msc.service.ServiceController;
 import org.jboss.msc.service.ServiceController.State;
 import org.wildfly.common.iteration.ByteIterator;
-import org.wildfly.security.dynamic.ssl.DynamicSSLContext;
+import org.wildfly.security.auth.client.ActiveSessionsSSLContext;
 
 /**
  * A {@link Resource} to represent a server-ssl-context/client-ssl-context, the majority is actually model
@@ -130,8 +130,8 @@ public Resource clone() {
      */
     private boolean hasActiveSessions() {
         final SSLContext sslContext = getSSLContext(sslContextServiceController);
-        if (sslContext instanceof DynamicSSLContext) {
-            return false;
+        if (sslContext instanceof ActiveSessionsSSLContext) {
+            return ((ActiveSessionsSSLContext) sslContext).hasActiveSessions();
         }
         if (sslContext == null) return false;
         SSLSessionContext sslSessionContext = server ? sslContext.getServerSessionContext() : sslContext.getClientSessionContext();

diff --git a/...ron/src/test/resources/org/wildfly/extension/elytron/elytron-subsystem-community-18.0.xml b/...ron/src/test/resources/org/wildfly/extension/elytron/elytron-subsystem-community-18.0.xml
@@ -5,6 +5,9 @@
 
 <!-- for needs of DomainTestCase -->
 <subsystem xmlns="urn:wildfly:elytron:community:18.0" register-jaspi-factory="false" default-ssl-context="client">
+    <authentication-client>
+        <authentication-context name="myAC" />
+    </authentication-client>
     <security-domains>
         <security-domain name="MyDomain" default-realm="FileRealm" realm-mapper="MyRealmMapper" permission-mapper="MyPermissionMapper"
                          pre-realm-principal-transformer="NameRewriterXY" post-realm-principal-transformer="NameRewriterYU" trusted-security-domains="AnotherDomain">
@@ -349,6 +352,9 @@
                 <sni-mapping host=".*\.server" ssl-context="server2" />
             </server-ssl-sni-context>
         </server-ssl-sni-contexts>
+        <dynamic-client-ssl-contexts>
+            <dynamic-client-ssl-context name="dynamicClientSSLContext" authentication-context="myAC"/>
+        </dynamic-client-ssl-contexts>
     </tls>
     <credential-stores>
         <credential-store name="test1" relative-to="jboss.server.data.dir" location="test1.store" create="true">