Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-810

Unify CredentialStore around CredentialSource style storage capability

    XMLWordPrintable

Details

    Description

      The following needs to be done:

      • Move the PB masked password format to a proper password type
      • Introduce protection parameters for credential stores and entries
      • Drop the admin_key concept in favor of credential store protection parameters
      • Introduce a proper vault-compatible credential store
      • Introduce a mechanism to pull protection parameters for stores from the client configuration
      • Use a credential store which can store (nearly) any credential type
      • Update XML accordingly
      • Remove dangerous command execution patterns from credential store, make them safe and make them CredentialSources instead
      • Clean up exception hierarchy of credential stores
      • Introduce simple map-backed credential store
        Additionally, the above implies:
      • Introduce AlgorithmParameterSpi for password parameter types
      • Introduce hashing ability for parameters
      • Add missing parameter types for PBE
      • Introduce serialization trickery to support picketbox class names for vault files
      • Atomic file output stream
      • Update tests as needed

      Attachments

        Issue Links

          Activity

            People

              dlloyd@redhat.com David Lloyd
              dlloyd@redhat.com David Lloyd
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: