-
Bug
-
Resolution: Done
-
Major
-
None
-
False
-
False
-
-
-
-
-
-
+
-
Undefined
-
The legacy vault integration caused a VaultPropertyResolver to be registered for deployment descriptor processing, we need an equivalent for Elytron's encrypted expression support.
Due to the way it was integrated Vault needed to be passed between various resources in constructors so references were available - the expression resolution in Elytron is available as a capability.
This may mean the EE DUPs can use the capability API to discover it instead. One point to be cautious about is avoiding a direct dependency on the Elytron subsystem as this should be optional.
This should also include annotation processing:
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html/how_to_configure_server_security/securely_storing_credentials#use_an_encrypted_sensitive_string_in_an_application
- blocks
-
JBEAP-22727 (7.4.z) WFLY-14919 - Credential store expression resolution not usable for deployment descriptors and annotations.
- Closed
-
JBEAP-23013 [GSS](7.4.z) WFCORE-5490 - Elytron Expression Resolution too late to handle system properties.
- Closed
- clones
-
WFCORE-5696 Credential store expression resolution not usable for deployment descriptors and annotations.
- Closed
- is blocked by
-
JBEAP-22751 (7.4.z) WFCORE-5709 - Invalid read-attribute and read-resource output for credential store expressions with resolve-expressions=true
- Closed
- is incorporated by
-
JBEAP-22913 (7.4.z) Upgrade WildFly Core from 15.0.6.Final-redhat-00003 to 15.0.7.Final-redhat-00001
- Closed
- relates to
-
WFLY-14912 Remove Vault support entirely from WildFly
- Closed