Merge remote-tracking branch 'origin/Issue#164-support-custom-security-providers' into Issue#164-support-custom-security-providers

Author: rakillen

core/src/main/python/wlsdeploy/tool/create/creator.py

@@ -19,7 +19,7 @@
 from wlsdeploy.util import dictionary_utils
 from wlsdeploy.util.model import Model
 from wlsdeploy.util.weblogic_helper import WebLogicHelper
-
+ 
 
 class Creator(object):
     """
@@ -462,7 +462,10 @@ def _delete_existing_providers(self, location):
         The security realms providers in the model are processed as merge to the model. Each realm provider
         section must be complete and true to the resulting domain. Any existing provider not found in the
         model will be removed, and any provider in the model but not in the domain will be added. The resulting
-        provider list will be ordered as listed in the model.
+        provider list will be ordered as listed in the model. If the provider type (i.e. AuthenticationProvider)
+        is not in the model, it is assumed no configuration or ordering is needed, and the provider is skipped.
+        If the provider type is in the model, but there is no MBean entry under the provider, then it is 
+        assumed that all providers for that provider type must be removed.
 
         For create, the default realm and default providers have been added by the weblogic base template and any
         extension templates. They have default values. These providers will be removed from the domain. During
@@ -477,9 +480,8 @@ def _delete_existing_providers(self, location):
         with the correct name. And the DefaultAuthenticationProvider successfully re-adds with the correct default
         identity asserter.
 
-        This release does not support updating the provider list. Because this means that the realms cannot be
-        configured accurately, the security configuration is not configured. It is in the original configuration
-        applied by the templates.
+        This release also supports updating the security configuration realms in both offline and online mode. This
+        release requires a complete list of providers as described in the first paragraph.
 
         :param location: current context of the location pointing at the provider mbean
         """

core/src/main/python/wlsdeploy/tool/create/security_provider_creator.py

@@ -24,7 +24,6 @@ class SecurityProviderCreator(Creator):
 
     Custom Security Providers are supported in 12c releases only.
 
-    Configuration of the security realms is not supported in 11g -
     Default providers in 11g have no name. Offline wlst returns 'Provider' as each provider name instead.
     By deleting and re-adding, the providers are added with the appropriate name field.
 
@@ -39,7 +38,8 @@ class SecurityProviderCreator(Creator):
     5. All 11g and 12c versions less than 12.2.1.2 cannot perform a delete on an Adjudicator object.
 
     The SecurityConfiguration is added if it does not exist. The default realm is added if it does not exist.
-    If it is not an 11g target domain, then configure the realms with merge to model with the providers
+    If the model provides a user defined realm, the default realm is not removed. 
+    
     """
     __class_name = 'SecurityProviderHelper'
 

core/src/main/python/wlsdeploy/tool/util/custom_folder_helper.py

@@ -1,5 +1,5 @@
 """
-Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
 The Universal Permissive License (UPL), Version 1.0
 """
 from java.lang import IllegalArgumentException