Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 1.4.0.Final
Component/s: KeyStores
Labels:
None

Description

This JIRA is in this stage for discussion purposed.

In context of https://issues.jboss.org/browse/PRODMGT-1907 I have compared operations of resources providing same capability in elytron subsystem.

I want to discuss.

diff key-store.operations ldap-key-store.operations 
5,9d4
<         "change-alias",
<         "export-certificate",
<         "generate-certificate-signing-request",
<         "generate-key-pair",
<         "import-certificate",
14d8
<         "load",
34d27
<         "store",

load() was introduced by EAP7-455
rest of operations were introduced by EAP7-650

Now question is if these operations (load() is already covered by PRODMGT-1907) shouldn be also in `ldap-key-store`.

filtering-key-store
should it also contain extended operations or it is enough only underlying key-store has them

Keystore capability org.wildfly.security.key-store is referenced in filtering-key-store, key-manager, trust-manager, keystore-realm, token-realm . Is it necessary to propagate load operation also to these resources.
key-manager has init() operation. trust-manager does not have such operation but went through EAP7-455 so is probably ok. filtering-key-store probably does not "cache" keystore but request underlying keystore. What about keystore-realm, token-realm ?

Although same resources "provide" same capability (org.wildfly.security.key-store) There is no guarantee they should provide same operations on model level, right? It is just user experience issue as one could expect same operations.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2018/07/12 7:35 AM

Updated:: 2022/08/22 6:10 PM