Tomaz Cerar ctomc

## gist:3783892
These are all with Report on differences in the model when the management versions are different? y/[n]: y

>>>>>DOMAIN

====== Comparing core models ======
====== Resource root address: [] - Current version: 1.4.0; legacy version: 1.2.0 =======
--- Problems for relative address to root []:
Missing attributes in current: []; missing in legacy [launch-type]
<<ok
Different 'nillable' for attribute 'local-host-name'. Current: true; legacy: false

## ds-compare
All the changes below look like they are ware wrong in legacy version
====== Comparing core models ======
====== Resource root address: [] - Current version: 1.4.0; legacy version: 1.4.0 =======
--- Problems for relative address to root ["deployment" => "*","subdeployment" => "*","subsystem" => "datasources","data-source" => "*"]:
Different 'expressions-allowed' for attribute 'enabled'. Current: false; legacy: true
Different 'default' for attribute 'enabled'. Current: true; legacy: false
--this attribute should be resource-only (by @maeste) but that breaks tests and operations

Different 'nillable' for attribute 'exception-sorter-properties'. Current: true; legacy: false
Different 'nillable' for attribute 'reauth-plugin-properties'. Current: true; legacy: false

## gist:4136081
if (con instanceof HttpsURLConnection) {
                log.info("setting non validating ssl socket factory");
                HttpsURLConnection ssl = (HttpsURLConnection) con;
                TrustAllSecurityManager.setAllTrustingValidators(ssl);
            }


public class TrustAllSecurityManager {
    private static final Logger log = LoggerFactory.getLogger(TrustAllSecurityManager.class);

## gist:4320163
  static class JASPIAuthenticationModulesAttributeWriter implements OperationStepHandler {
        @Override
        public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
            OperationStepHandler addHandler = context.getResourceRegistration().getSubModel(PathAddress.EMPTY_ADDRESS.append(AUTH_MODULE)).getOperationHandler(PathAddress.EMPTY_ADDRESS, "add");
            for (ModelNode module : operation.get(VALUE).asList()) {
                ModelNode addModuleOp = module.clone();
                String code = addModuleOp.get(CODE).asString();
                PathElement relativePath = PathElement.pathElement(AUTH_MODULE, code);
                PathAddress address = PathAddress.pathAddress(operation.get(OP_ADDR)).append(relativePath);
                boolean exists = context.readResource(PathAddress.EMPTY_ADDRESS).hasChild(relativePath);

## gist:4663307
transformer:

DiscardUndefinedAttributesTransformer discarder = new DiscardUndefinedAttributesTransformer(AbstractKeyGeneratorResourceDefinition.JNDI_NAME);
        builder.addChildResource(CmpSubsystemModel.UUID_KEY_GENERATOR_PATH).setCustomResourceTransformer(discarder)
                .addOperationTransformationOverride(ModelDescriptionConstants.ADD).setCustomOperationTransformer(discarder)
                .inheritResourceAttributeDefinitions()
                .end()
                .addOperationTransformationOverride(ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION).setCustomOperationTransformer(discarder.getWriteAttributeTransformer())
                .inheritResourceAttributeDefinitions()
                .end()

## gist:4678429
    static void registerTransformers(final TransformersSubRegistration registration, final TransformersSubRegistration loggingProfileReg,
                                     final PathElement handlerPath, final AttributeDefinition[] additionalAttributes, final String... additionalOperations) {
        final ResourceTransformationDescriptionBuilder builder = TransformationDescriptionBuilder.Factory.createInstance(handlerPath)
                .addRawOperationTransformationOverride(ADD, LoggingOperationTransformer.INSTANCE)
                .addRawOperationTransformationOverride(WRITE_ATTRIBUTE_OPERATION, LoggingOperationTransformer.INSTANCE)
                .addRawOperationTransformationOverride(UPDATE_OPERATION_NAME, LoggingOperationTransformer.INSTANCE)
                .getAttributeBuilder().addRejectCheck(RejectAttributeChecker.SIMPLE_EXPRESSIONS, DEFAULT_ATTRIBUTES)
                .addRejectCheck(RejectAttributeChecker.SIMPLE_EXPRESSIONS, LEGACY_ATTRIBUTES)
                .addRejectCheck(RejectAttributeCh

## common ssl example.xml
   <subsystem xmlns="urn:jboss:domain:security:2.0">
       <security-domains>
           <security-domain name="other" cache-type="default" >
           ...
           </security-domain>
       </security-domains>
      <keystores>
        <store-definitions>
            <store-defintion name="web-certs" type="jks" path="/path/to/some.jks"/>
            <store-defintion name="kerberos-certs" type="keytab" path="/path/to/krb5.keytab"/>

## undertow
<subsystem xmlns="urn:jboss:domain:undertow:1.0">
    <worker name="default" task-core-threads="12" io-threads="3"/>
    <buffer-pool name="default" buffer-size="1024" buffers-per-slice="1024"/>


    <virtual-host default-host="localhost">
        <http-listener name="default" socket-binding="http" worker="default" buffer-pool="default"/>
        <ajp-listener name="ajp-connector" socket-binding="ajp"/>

        <handlers>

## platform-mbean diff
Enter legacy AS version: 7.1.3.Final
Using target model: 7.1.3.Final
Enter type [S](standalone)/H(host)/D(domain)/F(domain + host):S
Read from target directory or from the legacy-models directory - t/[l]:
Report on differences in the model when the management versions are different? y/[n]: y
Reporting on differences in the model when the management versions are different
Loading legacy model versions for 7.1.3.Final....
Loaded legacy model versions
Loading model versions for currently running server...

## nginx proxy cert
location / {
        index  index.html index.htm;
        proxy_set_header Host $host;
        proxy_set_header SSL_SESSION_ID $ssl_session_id;
        proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
        proxy_set_header SSL_CIPHER $ssl_cipher
        proxy_pass   http://localhost:8080;
    }
	These are all with Report on differences in the model when the management versions are different? y/[n]: y

	>>>>>DOMAIN

	====== Comparing core models ======
	====== Resource root address: [] - Current version: 1.4.0; legacy version: 1.2.0 =======
	--- Problems for relative address to root []:
	Missing attributes in current: []; missing in legacy [launch-type]
	<<ok
	Different 'nillable' for attribute 'local-host-name'. Current: true; legacy: false
	All the changes below look like they are ware wrong in legacy version
	====== Comparing core models ======
	====== Resource root address: [] - Current version: 1.4.0; legacy version: 1.4.0 =======
	--- Problems for relative address to root ["deployment" => "","subdeployment" => "","subsystem" => "datasources","data-source" => "*"]:
	Different 'expressions-allowed' for attribute 'enabled'. Current: false; legacy: true
	Different 'default' for attribute 'enabled'. Current: true; legacy: false
	--this attribute should be resource-only (by @maeste) but that breaks tests and operations

	Different 'nillable' for attribute 'exception-sorter-properties'. Current: true; legacy: false
	Different 'nillable' for attribute 'reauth-plugin-properties'. Current: true; legacy: false
	if (con instanceof HttpsURLConnection) {
	log.info("setting non validating ssl socket factory");
	HttpsURLConnection ssl = (HttpsURLConnection) con;
	TrustAllSecurityManager.setAllTrustingValidators(ssl);
	}


	public class TrustAllSecurityManager {
	private static final Logger log = LoggerFactory.getLogger(TrustAllSecurityManager.class);
	static class JASPIAuthenticationModulesAttributeWriter implements OperationStepHandler {
	@Override
	public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
	OperationStepHandler addHandler = context.getResourceRegistration().getSubModel(PathAddress.EMPTY_ADDRESS.append(AUTH_MODULE)).getOperationHandler(PathAddress.EMPTY_ADDRESS, "add");
	for (ModelNode module : operation.get(VALUE).asList()) {
	ModelNode addModuleOp = module.clone();
	String code = addModuleOp.get(CODE).asString();
	PathElement relativePath = PathElement.pathElement(AUTH_MODULE, code);
	PathAddress address = PathAddress.pathAddress(operation.get(OP_ADDR)).append(relativePath);
	boolean exists = context.readResource(PathAddress.EMPTY_ADDRESS).hasChild(relativePath);
	transformer:

	DiscardUndefinedAttributesTransformer discarder = new DiscardUndefinedAttributesTransformer(AbstractKeyGeneratorResourceDefinition.JNDI_NAME);
	builder.addChildResource(CmpSubsystemModel.UUID_KEY_GENERATOR_PATH).setCustomResourceTransformer(discarder)
	.addOperationTransformationOverride(ModelDescriptionConstants.ADD).setCustomOperationTransformer(discarder)
	.inheritResourceAttributeDefinitions()
	.end()
	.addOperationTransformationOverride(ModelDescriptionConstants.WRITE_ATTRIBUTE_OPERATION).setCustomOperationTransformer(discarder.getWriteAttributeTransformer())
	.inheritResourceAttributeDefinitions()
	.end()
	static void registerTransformers(final TransformersSubRegistration registration, final TransformersSubRegistration loggingProfileReg,
	final PathElement handlerPath, final AttributeDefinition[] additionalAttributes, final String... additionalOperations) {
	final ResourceTransformationDescriptionBuilder builder = TransformationDescriptionBuilder.Factory.createInstance(handlerPath)
	.addRawOperationTransformationOverride(ADD, LoggingOperationTransformer.INSTANCE)
	.addRawOperationTransformationOverride(WRITE_ATTRIBUTE_OPERATION, LoggingOperationTransformer.INSTANCE)
	.addRawOperationTransformationOverride(UPDATE_OPERATION_NAME, LoggingOperationTransformer.INSTANCE)
	.getAttributeBuilder().addRejectCheck(RejectAttributeChecker.SIMPLE_EXPRESSIONS, DEFAULT_ATTRIBUTES)
	.addRejectCheck(RejectAttributeChecker.SIMPLE_EXPRESSIONS, LEGACY_ATTRIBUTES)
	.addRejectCheck(RejectAttributeCh
	<subsystem xmlns="urn:jboss:domain:security:2.0">
	<security-domains>
	<security-domain name="other" cache-type="default" >
	...
	</security-domain>
	</security-domains>
	<keystores>
	<store-definitions>
	<store-defintion name="web-certs" type="jks" path="/path/to/some.jks"/>
	<store-defintion name="kerberos-certs" type="keytab" path="/path/to/krb5.keytab"/>
	<subsystem xmlns="urn:jboss:domain:undertow:1.0">
	<worker name="default" task-core-threads="12" io-threads="3"/>
	<buffer-pool name="default" buffer-size="1024" buffers-per-slice="1024"/>


	<virtual-host default-host="localhost">
	<http-listener name="default" socket-binding="http" worker="default" buffer-pool="default"/>
	<ajp-listener name="ajp-connector" socket-binding="ajp"/>

	<handlers>
	Enter legacy AS version: 7.1.3.Final
	Using target model: 7.1.3.Final
	Enter type [S](standalone)/H(host)/D(domain)/F(domain + host):S
	Read from target directory or from the legacy-models directory - t/[l]:
	Report on differences in the model when the management versions are different? y/[n]: y
	Reporting on differences in the model when the management versions are different
	Loading legacy model versions for 7.1.3.Final....
	Loaded legacy model versions
	Loading model versions for currently running server...
	location / {
	index index.html index.htm;
	proxy_set_header Host $host;
	proxy_set_header SSL_SESSION_ID $ssl_session_id;
	proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
	proxy_set_header SSL_CIPHER $ssl_cipher
	proxy_pass http://localhost:8080;
	}