Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1576

Wildfly Elytron Tool, location is required even for non-filebased type e.g. PKCS11

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Major Major
    • None
    • 1.3.1.Final
    • Command-Line Tool
    • None
    • Hide
      /opt/java/jdk-9.0.4_fips/bin/java, -jar, /home/mchoma/Repos/tests-security/fips/target/dist/jboss-eap/bin/wildfly-elytron-tool.jar, credential-store, -c, -a, secret-key, -x, pass123+, -p, pass123+, -u, keyStoreType=PKCS11;external=true;keyAlias=my-key;externalPath=/home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/secure-data-file, --debug
      
      09:37:56,418 ERROR [com.redhat.eap.qe.cli.CommandExecutor] (main) Exception encountered executing the command:
      org.apache.commons.cli.MissingArgumentException: ELYTOOL00016: Option "location" is not specified.
      	at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:157)
      	at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:81)
      
      Show
      /opt/java/jdk-9.0.4_fips/bin/java, -jar, /home/mchoma/Repos/tests-security/fips/target/dist/jboss-eap/bin/wildfly-elytron-tool.jar, credential-store, -c, -a, secret-key, -x, pass123+, -p, pass123+, -u, keyStoreType=PKCS11;external= true ;keyAlias=my-key;externalPath=/home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/secure-data-file, --debug 09:37:56,418 ERROR [com.redhat.eap.qe.cli.CommandExecutor] (main) Exception encountered executing the command: org.apache.commons.cli.MissingArgumentException: ELYTOOL00016: Option "location" is not specified. at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:157) at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:81)
    • Workaround Exists
    • Hide

      use empty file

      • touch /home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/workaround_file
      • 09:35:42,218 INFO  [com.redhat.eap.qe.cli.CommandExecutor] (main) Command:[/opt/java/jdk-9.0.4_fips/bin/java, -jar, /home/mchoma/Repos/tests-security/fips/target/dist/jboss-eap/bin/wildfly-elytron-tool.jar, credential-store, -c, -a, secret-key, -x, pass123+, -p, pass123+, -l, /home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/workaround_file, -u, keyStoreType=PKCS11;external=true;keyAlias=my-key;externalPath=/home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/secure-data-file, --debug]
        09:35:43,601 INFO  [com.redhat.eap.qe.cli.CommandExecutor] (main) Process output:
        Alias "secret-key" has been successfully stored
        
      Show
      use empty file touch /home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/workaround_file 09:35:42,218 INFO [com.redhat.eap.qe.cli.CommandExecutor] (main) Command:[/opt/java/jdk-9.0.4_fips/bin/java, -jar, /home/mchoma/Repos/tests-security/fips/target/dist/jboss-eap/bin/wildfly-elytron-tool.jar, credential-store, -c, -a, secret-key, -x, pass123+, -p, pass123+, -l, /home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/workaround_file, -u, keyStoreType=PKCS11;external= true ;keyAlias=my-key;externalPath=/home/mchoma/Repos/tests-security/fips/target/FipsCsElytronToolTestCase/secure-data-file, --debug] 09:35:43,601 INFO [com.redhat.eap.qe.cli.CommandExecutor] (main) Process output: Alias "secret-key" has been successfully stored

      Wildfly Elytron tool is not aligned with fix for ELY-1460 - Do not reuse location attribute for externalPath attribute. Make externalPath required when external configured.
      In Wildfly Elytron tool location is mandatory

      CredentialStoreCommand.java
              String location = cmdLine.getOptionValue(STORE_LOCATION_PARAM);
              if (location == null) {
                  setStatus(GENERAL_CONFIGURATION_ERROR);
                  throw ElytronToolMessages.msg.optionNotSpecified(STORE_LOCATION_PARAM);
              }
      {code:java|title=CredentialStoreCommand.java}
      
      After relaxing this check, double check usage of location, e.g. here
      

      if ((cmdLine.hasOption(ALIASES_PARAM) || cmdLine.hasOption(CHECK_ALIAS_PARAM)) && !Files.exists(Paths.get(location)))

      { setStatus(GENERAL_CONFIGURATION_ERROR); throw ElytronToolMessages.msg.storageFileDoesNotExist(location); }
      
      

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: