[JBoss JIRA] (ELY-1129) WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
by Ilia Vassilev (JIRA)
[ https://issues.jboss.org/browse/ELY-1129?page=com.atlassian.jira.plugin.s... ]
Ilia Vassilev reassigned ELY-1129:
----------------------------------
Assignee: Ilia Vassilev (was: Darran Lofthouse)
> WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
> -----------------------------------------------------------------------------------------------
>
> Key: ELY-1129
> URL: https://issues.jboss.org/browse/ELY-1129
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Ilia Vassilev
> Priority: Blocker
>
> Vault command bulk-convert must have better description in --help output.
> Now there is only this
> {code}
> -b,--bulk-convert <description file> Bulk conversion with parameters in description file
> {code}
> It's insufficient. There is expected to have description of format description file.
> Now all options which are set in description file have not default value and that is in contrast with non-bulk-convert which contain default values. There must be mention this information too.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1123) WildFly Elytron Tool, Converted storage file overwrites existing file on filesystem.
by Ilia Vassilev (JIRA)
[ https://issues.jboss.org/browse/ELY-1123?page=com.atlassian.jira.plugin.s... ]
Ilia Vassilev reassigned ELY-1123:
----------------------------------
Assignee: Ilia Vassilev (was: Darran Lofthouse)
> WildFly Elytron Tool, Converted storage file overwrites existing file on filesystem.
> ------------------------------------------------------------------------------------
>
> Key: ELY-1123
> URL: https://issues.jboss.org/browse/ELY-1123
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Ilia Vassilev
>
> Converted storage file overwrites existing file on filesystem.
> Expected behaviour is error or some option which can enable overwriting (flag option?).
> *How to reproduce:*
> download all attachments to same location as *wildfly-elytron-tool.jar* file and then run this command twice and the each one ends with success.
> {code}
> java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password secretsecret --location converted001.store --alias jboss --summary
> Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store"
> Vault Conversion summary:
> --------------------------------------
> Vault Conversion Successful
> CLI command to add new credential store:
> /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1124) WildFly Elytron Tool, Vault commands with wrongly filled path to vaults should fail.
by Ilia Vassilev (JIRA)
[ https://issues.jboss.org/browse/ELY-1124?page=com.atlassian.jira.plugin.s... ]
Ilia Vassilev reassigned ELY-1124:
----------------------------------
Assignee: Ilia Vassilev (was: Darran Lofthouse)
> WildFly Elytron Tool, Vault commands with wrongly filled path to vaults should fail.
> ------------------------------------------------------------------------------------
>
> Key: ELY-1124
> URL: https://issues.jboss.org/browse/ELY-1124
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Ilia Vassilev
> Priority: Critical
>
> Vault commands with wrongly filled path to vaults should fail.
> Converted credential store storage file is empty but it is very confusing to see successful message and created credential storage file.
> The user might mistakenly believe that the VAULT was empty.
> *How to reproduce*
> Download *server.store* attachment to same location as *wildfly-elytron-tool.jar* file and then run these commands
> VAULT.dat is located in path which is given by --enc-dir option - we set it to wrong value.
> {code}
> java -jar wildfly-elytron-tool.jar vault --enc-dir doesntMatter --keystore server.store --keystore-password secretsecret --location converted001.store --alias jboss
> Vault (enc-dir="doesntMatter";keystore="server.store") converted to credential store "converted001.store"
> {code}
> It is created empty converted001.store
> We can omit --location option. In this case is created empty converted file with default name "converted-vault.cr-store" in path given by --enc-dir option.
> {code}
> java -jar wildfly-elytron-tool.jar vault --enc-dir doesntMatter --keystore server.store --keystore-password secretsecret --alias jboss
> Vault (enc-dir="doesntMatter";keystore="server.store") converted to credential store "doesntMatter/converted-vault.cr-store"
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1125) WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output.
by Ilia Vassilev (JIRA)
[ https://issues.jboss.org/browse/ELY-1125?page=com.atlassian.jira.plugin.s... ]
Ilia Vassilev reassigned ELY-1125:
----------------------------------
Assignee: Ilia Vassilev (was: Darran Lofthouse)
> WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output.
> ----------------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1125
> URL: https://issues.jboss.org/browse/ELY-1125
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Ilia Vassilev
>
> Omitting --location leads to wrong credential store storage file in tool output and in summary output.
> In this case when is omitted --location
> * tool output contains credential store storage file name with "enc-dir" path prefix.
> * summary output contains in location double slash in case of enc-dir value ends by slash
> *Expected behaviour:*
> Tool output must show only storage file name.
> Summary output must not contain double slash in location
> *How to reproduce*
> Download all attachments to same location as wildfly-elytron-tool.jar
> option --location must be omitted, --enc-dir must end by slash.
> {code}
> [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir ./ --keystore server.store --keystore-password secretsecret --alias jboss -f
> Vault (enc-dir="./";keystore="server.store") converted to credential store ".//converted-vault.cr-store"
> Vault Conversion summary:
> --------------------------------------
> Vault Conversion Successful
> CLI command to add new credential store:
> /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location=".//converted-vault.cr-store",implementation-properties={},credential-reference={clear-text="MASK-13KrO2ZNhwNg3UxmIt.02D;12345678;23"})
> {code}
> Now you can see *".//converted-vault.cr-store"* on tool output right value is *"converted-vault.cr-store"*
> and location=*".//converted-vault.cr-store"* in summary output for which is correct value *"./converted-vault.cr-store"*.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1129) WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
by Hynek Švábek (JIRA)
[ https://issues.jboss.org/browse/ELY-1129?page=com.atlassian.jira.plugin.s... ]
Hynek Švábek updated ELY-1129:
------------------------------
Component/s: Credential Store
> WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
> -----------------------------------------------------------------------------------------------
>
> Key: ELY-1129
> URL: https://issues.jboss.org/browse/ELY-1129
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> Vault command bulk-convert must have better description in --help output.
> Now there is only this
> {code}
> -b,--bulk-convert <description file> Bulk conversion with parameters in description file
> {code}
> It's insufficient. There is expected to have description of format description file.
> Now all options which are set in description file have not default value and that is in contrast with non-bulk-convert which contain default values. There must be mention this information too.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (WFLY-8690) ElytronSecurityContext.getRoles always returns empty array
by Flavia Rainone (JIRA)
Flavia Rainone created WFLY-8690:
------------------------------------
Summary: ElytronSecurityContext.getRoles always returns empty array
Key: WFLY-8690
URL: https://issues.jboss.org/browse/WFLY-8690
Project: WildFly
Issue Type: Bug
Components: JCA
Reporter: Flavia Rainone
Assignee: Flavia Rainone
ElytronSecurityContext.getRoles always returns empty array because it fails to use internally the roles category set by ElytronCallbackHandler, that is, "ejb".
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1129) WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
by Hynek Švábek (JIRA)
Hynek Švábek created ELY-1129:
---------------------------------
Summary: WildFly Elytron Tool, Vault command bulk-convert must have better description in --help output.
Key: ELY-1129
URL: https://issues.jboss.org/browse/ELY-1129
Project: WildFly Elytron
Issue Type: Bug
Reporter: Hynek Švábek
Assignee: Darran Lofthouse
Priority: Blocker
Vault command bulk-convert must have better description in --help output.
Now there is only this
{code}
-b,--bulk-convert <description file> Bulk conversion with parameters in description file
{code}
It's insufficient. There is expected to have description of format description file.
Now all options which are set in description file have not default value and that is in contrast with non-bulk-convert which contain default values. There must be mention this information too.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (WFLY-8689) Elytron Audit Logging's rotating-file-audit-log throws IllegalArgumentException if suffix property is not specified
by Jan Tymel (JIRA)
[ https://issues.jboss.org/browse/WFLY-8689?page=com.atlassian.jira.plugin.... ]
Jan Tymel updated WFLY-8689:
----------------------------
Summary: Elytron Audit Logging's rotating-file-audit-log throws IllegalArgumentException if suffix property is not specified (was: Elytron Audit Logging's rotating-file-audit throws IllegalArgumentException if suffix property is not specified)
> Elytron Audit Logging's rotating-file-audit-log throws IllegalArgumentException if suffix property is not specified
> -------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-8689
> URL: https://issues.jboss.org/browse/WFLY-8689
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Jan Tymel
> Priority: Critical
>
> {{rotating-file-audit}} throws {{IllegalArgumentException}} if user tries to add a new {{rotating-audit-file}} and does not specify {{suffix}} property.
> Steps to reproduce: {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log)}}
> Following output is given in jboss-cli
> {code}
> {
> "outcome" => "failed",
> "failure-description" => {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service
> Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}},
> "rolled-back" => true
> }
> {code}
> and following one in server log:
> {code}
> 12:45:41,381 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service org.wildfly.security.security-event-listener.rotating-audit: org.jboss.msc.service.StartException in service org.wildfly.security.security-event-listener.rotating-audit: Failed to start service
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'
> at java.text.SimpleDateFormat.compile(SimpleDateFormat.java:826)
> at java.text.SimpleDateFormat.initialize(SimpleDateFormat.java:634)
> at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:605)
> at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:580)
> at org.wildfly.security.audit.RotatingFileAuditEndpoint$Builder.setSuffix(RotatingFileAuditEndpoint.java:289)
> at org.wildfly.extension.elytron.AuditResourceDefinitions$2.lambda$getValueSupplier$2(AuditResourceDefinitions.java:235)
> at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
> ... 3 more
> 12:45:41,382 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 5) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "elytron"),
> ("rotating-file-audit-log" => "rotating-audit")
> ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service
> Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}}
> {code}
> Note: there is an easy workaround - if user specifies {{suffix}} property then adding a new {{rotating-audit-file}} works fine, e.g. {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,suffix=y-M-d)}} passes successfully.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years