Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.1.0.DR9
Affects Version/s: 7.1.0.DR7
Component/s: Security
Labels:
None

Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/jbossas/jboss-eap7/pull/1068
Steps to Reproduce:
Hide

firefly.keystore which is attached copy to eap_home/standalone/data.

run EAP server
./bin/standalone.sh

run CLI
./bin/jboss-cli.sh -c
if applicaple add Elytron extension and Elytron subsystem and reload server
/extension=org.wildfly.extension.elytron:add()
/subsystem=elytron:add()
reload

/subsystem=elytron/credential-store=credStore:add(uri="cr-store://test/scratchSC.jceks?create.storage=true;store.password=pass123") /subsystem=elytron/credential-store=credStore/alias=ff:add(secret-value=Elytron) /subsystem=elytron/key-store=firefly:add(path=firefly.keystore,relative-to=jboss.server.data.dir,type=JKS,credential-reference={store=credStore,alias=ff}) /subsystem=elytron:remove()

Alternative faster way to reproduce: use attached standalone-removing.xml and run:

/subsystem=elytron:remove()

(keystore file does not need to exist to reproduce this)
Show
firefly.keystore which is attached copy to eap_home/standalone/data. run EAP server ./bin/standalone.sh run CLI ./bin/jboss-cli.sh -c if applicaple add Elytron extension and Elytron subsystem and reload server /extension=org.wildfly.extension.elytron:add() /subsystem=elytron:add() reload /subsystem=elytron/credential-store=credStore:add(uri= "cr-store: //test/scratchSC.jceks?create.storage= true ;store.password=pass123" ) /subsystem=elytron/credential-store=credStore/alias=ff:add(secret-value=Elytron) /subsystem=elytron/key-store=firefly:add(path=firefly.keystore,relative-to=jboss.server.data.dir,type=JKS,credential-reference={store=credStore,alias=ff}) /subsystem=elytron:remove() Alternative faster way to reproduce: use attached standalone-removing.xml and run: /subsystem=elytron:remove() (keystore file does not need to exist to reproduce this)

SFDC Cases Counter:
SFDC Cases Links:

Description

Is impossible remove whole Elytron subsystem by one command when Elytron resource depends on another Elytron resource.

Scenario:

I have KeyStore in Elytron subsystem with CredentialStoreReference set to CredentialStore
I want to delete whole Elytron subsystem

I execute this CLI command /subsystem=elytron:remove() and get error

{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0171: Removing services has lead to unsatisfied dependencies:
Service org.wildfly.security.credential-store-client.credStore was depended upon by service org.wildfly.security.key-store.firefly",
    "rolled-back" => true,
    "response-headers" => {"process-state" => "reload-required"}
}

NOTES:

When I perform CLI command /subsystem=elytron:remove() again as it passes.
When I use for remove {allow-resource-service-restart=true} as /subsystem=elytron:remove(){allow-resource-service-restart=true}
then result is successful.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

firefly.keystore
4 kB
2016/10/27 9:42 AM
standalone-removing.xml
21 kB
2016/11/15 10:57 AM

Issue Links

is cloned by

WFLY-7619 Is impossible remove whole Elytron subsystem when Elytron resource depends on another Elytron resource.

Closed

is incorporated by

JBEAP-7538 Upgrade Elytron Subsystem to 1.0.0.Alpha15

Verified

Activity

People

Assignee:: Jan Kalina (Inactive)

Reporter:: Hynek Švábek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2016/10/27 9:55 AM

Updated:: 2021/10/24 5:58 AM

Resolved:: 2016/11/29 3:53 PM