-
Bug
-
Resolution: Done
-
Blocker
-
7.1.0.DR17
-
None
Credential store reload operation doesn't have effect in dependent resources.
When we have keystore which obtains password from credential store, we change on file system backed storage file which contains wrong password to keystore and reload it. Credential store is right state, but keystore still works.
There is expected fail.
How to reproduce
For simplifying we only update value in credential store and reload it (it should work too JBEAP-6614).
In my opinion is there same problem and solving one will solve both problems.
/subsystem=elytron/credential-store=cs001:add(create=true, location=cs001.jceks, relative-to="jboss.server.data.dir", credential-reference={clear-text=pass123}) /subsystem=elytron/credential-store=cs001:add-alias(alias=ff, secret-value=Elytron) #copy firefly.keystore to JBOSS_HOME/Standalone/data folder /subsystem=elytron/key-store=firefly:add(path=firefly.keystore,relative-to=jboss.server.data.dir,type=JKS,credential-reference= {store=cs001,alias=ff} this command show all aliases /subsystem=elytron/key-store=firefly:read-aliases()
Now we change keystore password to wrong and reload credential store
OR
You can replace storage file which contains wrong password to keystore and call RELOAD command only
/subsystem=elytron/credential-store=cs001:remove-alias(alias=ff) /subsystem=elytron/credential-store=cs001:add-alias(alias=ff, secret-value=ElytronWrong) /subsystem=elytron/credential-store=cs001:reload()
This command wrongly prints all aliases
/subsystem=elytron/key-store=firefly:read-aliases()
We expect error message about wrong password to access to keystore
- blocks
-
JBEAP-8571 CredentialStore issues
- Resolved
- is cloned by
-
WFCORE-2867 Credential store reload operation doesn't have effect in dependent resources.
- Resolved
- is incorporated by
-
JBEAP-11137 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta26
- Closed
- is related to
-
JBEAP-6614 Credential-reference(alias=) should be resolved in time of request.
- Closed
- relates to
-
JBEAP-10741 Elytron Keystore resource needs restart when is changed credential-reference attribute but restart-required is set to "no-services"
- Closed