[gatein-issues] [JBoss JIRA] Resolved: (GTNPORTAL-708) ExoDefaultSecurityTokenGenerator() contains a hard-coded path to the encryption key

Martin Podolinsky (JIRA) jira-events at lists.jboss.org
Tue Mar 9 07:05:59 EST 2010 

     [ https://jira.jboss.org/jira/browse/GTNPORTAL-708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Podolinsky resolved GTNPORTAL-708.
-----------------------------------------

    Resolution: Done


> ExoDefaultSecurityTokenGenerator() contains a hard-coded path to the encryption key
> -----------------------------------------------------------------------------------
>
>                 Key: GTNPORTAL-708
>                 URL: https://jira.jboss.org/jira/browse/GTNPORTAL-708
>             Project: GateIn Portal
>          Issue Type: Bug
>          Components: Common integration
>    Affects Versions: 3.0.0-CR01
>         Environment: Deployed into EAP 5.0, Java 1.6, Linux
>            Reporter: Martin Podolinsky
>            Assignee: Martin Podolinsky
>             Fix For: 3.0.0-GA
>
>
> I've created the directory jboss-as/server/${server-config}/conf/exo-conf supposed to be a place for all exo related stuff. The directory is checked and provided by the org.exoplatform.container.monitor.jvm.J2EEServerInfo helper class. So with the directory created is a gadget encryption key (key.txt) properly generated created by the ExoContainerConfig class and everything looks fine. The problem appears when the ExoDefaultSecurityTokenGenerator comes into play, because it contains a hard-coded key name:
> this.containerKey = "key.txt";
> so further methods expect the file "key.txt" in the current AS execution directory, although it's generated in the exo-conf.
> Exception stack trace:
> *******************
> 11:03:06,742 ERROR [STDERR] java.io.FileNotFoundException: key.txt (No such file or directory)                                                                  
> 11:03:06,744 ERROR [STDERR]     at java.io.FileInputStream.open(Native Method)                                                                                  
> 11:03:06,744 ERROR [STDERR]     at java.io.FileInputStream.<init>(FileInputStream.java:106)                                                                     
> 11:03:06,744 ERROR [STDERR]     at org.apache.shindig.common.crypto.BasicBlobCrypter.<init>(BasicBlobCrypter.java:79)                                           
> 11:03:06,744 ERROR [STDERR]     at org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator.getBlobCrypter(ExoDefaultSecurityTokenGenerator.java:127)
> 11:03:06,744 ERROR [STDERR]     at org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator.createToken(ExoDefaultSecurityTokenGenerator.java:92)    
> 11:03:06,744 ERROR [STDERR]     at org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator.createToken(ExoDefaultSecurityTokenGenerator.java:122)   
> 11:03:06,744 ERROR [STDERR]     at org.exoplatform.portal.webui.application.GadgetUtil.createToken(GadgetUtil.java:119)                                         
> 11:03:06,744 ERROR [STDERR]     at org.exoplatform.portal.webui.application.UIGadget.getMetadata(UIGadget.java:210)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list