Details
-
Bug
-
Resolution: Done
-
Blocker
-
7.1.0.DR15
-
None
Description
When failed credential store flush to file on the disk then we have inconsistency between credential store in memory and persisted file.
I expect consistent state, same aliases in memory and persisted on disk.
We must not add new aliases only to memory.
This problem is exported from issue https://issues.jboss.org/browse/JBEAP-6866
where is noted as secondary problem.
HOW TO REPRODUCE
/subsystem=elytron/credential-store=cs001:add(credential-reference={clear-text=pass123}, relative-to="jboss.server.data.dir", create=true, location=cs/credentialStore.jceks)
/subsystem=elytron/credential-store=cs001/alias=alias001:add(secret-value=secretvalue)
Now is credentialstore.jceks file persisted on disk here JBOSS_HOME/standalone/data/cs
Please remove write permission for folder "cs"
chmod g-w cs chmod u-w cs
Try add another entry to credential store
/subsystem=elytron/credential-store=cs001/alias=alias002:add(secret-value=secretvalue)
{
"outcome" => "failed",
"failure-description" => "WFLYELY00009: Unable to complete operation. 'ELY09525: Unable to flush credential store to storage'",
"rolled-back" => true
}
And you get error message as above.
Now you list all aliases in credential store:
/subsystem=elytron/credential-store=cs001:read-children-names(child-type=alias)
{
"outcome" => "success",
"result" => [
"alias001",
"alias002"
]
}
There is non persisted "alias002" too.
Now we check aliases in persisted file:
reload
There isn't any alias "alias002" after reload.
/subsystem=elytron/credential-store=cs001:read-children-names(child-type=alias)
{
"outcome" => "success",
"result" => ["alias001"]
}
Attachments
Issue Links
- is cloned by
-
-
- Resolved
-
- is incorporated by
-
JBEAP-10508 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta21
-
- Verified
-
