Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-658

JBoss Vault does not parse file paths on Windows correctly

XMLWordPrintable

      When using the standard standalone.bat file and vault mechanism for masking the keystore password (see https://community.jboss.org/wiki/JBossAS7SecuringPasswords) the JBoss code that reads the jboss.home.dir in the vault section in standalone.xml
      removes all file separators from the jboss home path. If the full path to the keystore file and jboss home dir are hardcoded into the vault xml fragment, then the vault works fine.I have tried all combinations of file separators in
      standalone.bat and in a separate properties file, but the separators are all removed. The echo of JBOSS_HOME_DIR from standalone.bat gives D:\projects\jboss7 with the proper file separators.(see stacktrace) The error starts with:
      ...SecurityVaultException: PB00019: Processing Failed: D:projectsjboss7/apphome/vault does not exist.

      Vault xml:

      <vault>
      <vault-option name="KEYSTORE_URL" value="${jboss.server.config.dir}/localhost.keystore" /> // hardcoded path works
      ...
      <vault-option name="ENC_FILE_DIR" value="${jboss.home.dir}/apphome/vault" /> // hardcoded path works

      </vault>

      End of standalone.bat after :RESTART (double quotes not doing anything)

      -Djboss.home.dir="%JBOSS_HOME%" ^ // can hardcode path with any type of separators here and they all go away

      Full Stacktrace:

      D:\projects\jboss7\bin>standalone.bat
      Calling "D:\projects\jboss7\bin\standalone.conf.bat"
      ===============================================================================

      JBoss Bootstrap Environment

      JBOSS_HOME: D:\projects\jboss7

      JAVA: C:\Program Files (x86)\Java\jdk1.6.0_32\bin\java

      JAVA_OPTS: -XX:+TieredCompilation -Dprogram.name=standalone.bat -Xms512M -Xmx1024M -XX:MaxPermSize
      =512M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.net.pre
      ferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Djboss.modules.system.pkgs=org.jboss.byteman -D
      jboss.server.default.config=standalone.xml -Xrunjdwp:transport=dt_socket,address=12999,server=y,susp
      end=n -Dtcaims.home=W:\projects\jboss7\tcaimshome -DdevelopmentConfig=true -DTheaterOps=0

      ===============================================================================

      Listening for transport dt_socket at address: 12999
      18:37:35,762 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA
      18:37:35,871 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA
      18:37:35,887 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes" starting
      18:37:36,308 INFO [org.jboss.security.vault.SecurityVaultFactory] Getting Security Vault with imple
      mentation of org.picketbox.plugins.vault.PicketBoxSecurityVault
      18:37:36,308 ERROR [org.jboss.as.controller.management-operation] JBAS014612: Operation ("add") fail
      ed - address: ([("core-service" => "vault")]): java.lang.RuntimeException: JBAS015804: Error initial
      izing vault - org.jboss.as.server.services.security.VaultReaderException: org.jboss.security.vault
      .SecurityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed
      : D:projectsjboss7/tcaimshome/vault/ does not exist
      at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
      :115)
      at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:50)
      [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
      a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
      java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
      va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.ParallelBootOperationStepHandler.execute(ParallelBootOperationSte
      pHandler.java:161) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
      a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
      java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
      va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:168) [jboss-as-
      controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:190
      ) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at org.jboss.as.server.ServerService.boot(ServerService.java:291)
      at org.jboss.as.server.ServerService.boot(ServerService.java:266)
      at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:15
      5) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
      at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_32]
      Caused by: org.jboss.as.server.services.security.VaultReaderException: org.jboss.security.vault.Secu
      rityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed: D:pr
      ojectsjboss7/tcaimshome/vault/ does not exist
      at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:84)
      at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
      :113)
      ... 14 more
      Caused by: org.jboss.security.vault.SecurityVaultException: org.jboss.security.vault.SecurityVaultEx
      ception: PB00019: Processing Failed: D:projectsjboss7/tcaimshome/vault/ does not exist
      at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:199)
      at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:82)
      ... 15 more
      Caused by: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed: D:projectsjbo
      ss7/tcaimshome/vault/ does not exist
      at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:177)
      ... 16 more

      18:37:36,339 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an unrecoverable mann
      er; exiting. See previous messages for details.
      18:37:36,355 INFO [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final "Brontes" stopped in 2ms

              pskopek@redhat.com Peter Skopek
              pskopek@redhat.com Peter Skopek
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: