]
Hynek Švábek edited comment on ELY-836 at 4/5/17 7:23 AM:
----------------------------------------------------------
It was already fixed.
was (Author: hsvabek):
It was fixed yet.
CredentialStore resource name and CS alias in memory are case
sensitive but CredentialStore aliases are persisted in lowercase.
-------------------------------------------------------------------------------------------------------------------------------
Key: ELY-836
URL:
https://issues.jboss.org/browse/ELY-836
Project: WildFly Elytron
Issue Type: Bug
Components: Credential Store
Reporter: Hynek Švábek
Assignee: Peter Skopek
CredentialStore resource name is case sensitive but CredentialStore alias is convert to
lowercase.
*How to reproduce*
{code}
/subsystem=elytron/credential-store=csfile001:add(uri="cr-store://test/csfile001.jceks?store.password=pass123;create.storage=true")
{code}
{code}
/subsystem=elytron/credential-store=csfile001/alias=csname001:add(secret-value=secValue123456)
{code}
{code}
/subsystem=elytron/credential-store=csfile001/alias=csNAME001:add(secret-value=secValue987654)
{code}
In csfile001.jceks you can see only "csname001" entry.
*There is biggest problem that in memory are right case sensitive aliases and you can
load them. But in backed CS file is only last one in lowercase.*
{code}
/subsystem=elytron/credential-store=csfile001/alias=csFF:add(secret-value=Elytron)
{code}
{code}
/subsystem=elytron/credential-store=csfile001/alias=csff:add(secret-value=ElytronWrong)
{code}
And now you can use both (csFF and csff) as CredStoreRef alias
e.g.
{code}
/subsystem=elytron/key-store=fireflyKS001:add(path=firefly.keystore,relative-to=jboss.server.data.dir,type=JKS,credential-reference=
{store=csfile001,alias=csFF})
{code}
Another big problem for me is that you have a lot of CS Alias RESOURCES which reference
to ONE entry and update value in CS.
*NOTE*
https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html
{code}
Whether aliases are case sensitive is implementation dependent. In order to avoid
problems, it is recommended not to use aliases in a KeyStore that only differ in case.
{code}
*Suggestions for solution*
* We must unite case (in)sensitive between CS keystore file and CS in memory
* implement case sensitive (Our implementation looks ok, IMO there is another problem
with it...)
* something else