Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-5300

(secret-key-)credential-store overwrites existing aliases when generating or importing keys

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Done
    • None
    • 15.0.0.Final
    • Security
    • None

    Description

      The Elytron credential-store and secret-key-credential-store resources overwrite existing aliases when generating or importing keys, this is not consistent with the behaviour of the add-alias operation.

      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
      {"outcome" => "success"}
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
      {
          "outcome" => "success",
          "result" => ["a1"]
      }
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
      {"outcome" => "success"}
      
      -------------------------
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
      {
          "outcome" => "success",
          "result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
      }
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
      {"outcome" => "success"}
      
      -------------------------
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
      {"outcome" => "success"}
      
      [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
      {
          "outcome" => "failed",
          "failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
          "rolled-back" => true
      }
      

      Attachments

        Issue Links

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              okotek@redhat.com Ondrej Kotek
              Ondrej Kotek Ondrej Kotek
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: