Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1149

Default CS implementation KeyStoreCredentialStore doesn't validate implementation properties

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 1.1.0.Beta45
    • None
    • None
    • None

      I am able to pass any property into default KeyStoreCredentialStore implementation of credential store. I understand implementation-properties is general data holder for any implementation, so validation can't be made on subsystem level. But each delivered implementation knows which parameters are allowed for itself and thus should check it.

      /subsystem=elytron/credential-store=test:add(relative-to=jboss.server.data.dir,credential-reference={clear-text="pass123+"},implementation-properties={DOES_NOT_EXIST=anything},create=true,location=keystore.jks,modifiable=true)
      

      It can prevent user from typo error. Also can help user to understand what is allowed for current implementation, as allowed properties can't be describe in model, because resource is for general usage.

      "implementation-properties" => {
          "type" => OBJECT,
          "description" => "Map of credentials store implementation specific properties.",
          "attribute-group" => "implementation",
          "expressions-allowed" => true,
          "required" => false,
          "nillable" => true,
          "value-type" => STRING,
          "access-type" => "read-write",
          "storage" => "configuration",
          "restart-required" => "resource-services"
      }
      

              chaowan@redhat.com Chao Wang
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: