Andy Goldstein created AS7-5156:
-----------------------------------
Summary: Management doesn't work with vaulted passwords in security realm
correctly
Key: AS7-5156
URL:
https://issues.jboss.org/browse/AS7-5156
Project: Application Server 7
Issue Type: Bug
Affects Versions: 7.1.2.Final (EAP)
Reporter: Andy Goldstein
I've been trying to get a vaulted password working with the management interface (e.g.
http://localhost:9990), but it isn't working for me. I've tried EAP 6 and
I've also built the latest from the 7.1 git branch locally, and neither is
successful.
I think I've narrowed it down to the unmaskUsersPasswords method in
org.jboss.as.domain.management.security.SecurityRealmAddHandler. It looks like when the
for loop gets the list of properties to iterate through via
users.get(USER).asPropertyList(), I think it's actually cloning each individual
property. This means the property loop variable is essentially thrown away after looping,
and the users variable remains unmodified. I have stepped through the debugger and can
see the vault correctly decrypting my password, but when this method exits, it is no
longer decrypted.
I'd be happy to provide sample configuration files if necessary. Please let me know
if you need more information.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira