-
Bug
-
Resolution: Done
-
Major
-
None
-
None
jboss-cli stops responding and server cannot be shut down when updating a key pair of a filesystem security realm in the following way:
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystore:add(path=keystore, relative-to=jboss.server.config.dir, type=JKS, credential-reference={clear-text=secret})
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystore:generate-key-pair(alias=localhost,algorithm=RSA,key-size=1024,validity=365,distinguished-name="CN=localhost")
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystore:store()
{
"outcome" => "success",
"result" => undefined
}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:add(path=fs-realm-users,relative-to=jboss.server.config.dir, key-store=exampleKeystore, key-store-alias=localhost)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:add-identity(identity=user1)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:set-password(identity=user1, clear={password="passwordUser1"})
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:add-identity-attribute(identity=user1, name=Roles, value=["Admin","Guest"])
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/security-domain=exampleSecurityDomain:add(default-realm=exampleSecurityRealm,permission-mapper=default-permission-mapper,realms=[{realm=exampleSecurityRealm}])
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/security-domain=exampleSecurityDomain:read-identity(name=user1)
{
"outcome" => "success",
"result" => {
"name" => "user1",
"attributes" => {"Roles" => [
"Admin",
"Guest"
]},
"roles" => [
"Guest",
"Admin"
]
}
}
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystoreFSRealm:add(path=keystore, relative-to=jboss.server.config.dir, type=JKS, credential-reference={clear-text=secret})
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystoreFSRealm:generate-key-pair(alias=examplehost,algorithm=RSA,key-size=2048,validity=365,distinguished-name="CN=examplehost")
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/key-store=exampleKeystoreFSRealm:store()
{
"outcome" => "success",
"result" => undefined
}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:write-attribute(name=key-store, value=exampleKeystoreFSRealm)
{
"outcome" => "success",
"response-headers" => {
"operation-requires-reload" => true,
"process-state" => "reload-required"
}
}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:write-attribute(name=key-store-alias, value=examplehost)
{
"outcome" => "success",
"response-headers" => {
"operation-requires-reload" => true,
"process-state" => "reload-required"
}
}
[standalone@localhost:9990 /] /subsystem=elytron/filesystem-realm=exampleSecurityRealm:update-key-pair()
When we reload before calling update-key-pair, the procedure works as expected.
- clones
-
-
- Resolved
-
-
-
- Closed
-
