[Red Hat JIRA] (WFWIP-378) The error message from export-secret-key on (secret-key-)credential-store should be more helpful
by Ondrej Kotek (Jira)
Ondrej Kotek created WFWIP-378:
----------------------------------
Summary: The error message from export-secret-key on (secret-key-)credential-store should be more helpful
Key: WFWIP-378
URL: https://issues.redhat.com/browse/WFWIP-378
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
The error message from the {{export-secret-key}} operation on the {{credential-store}} and {{secret-key-credential-store}} resources should be more helpful when exporting invalid alias
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=b:read-aliases
{
"outcome" => "success",
"result" => ["key"]
}
[standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=b:export-secret-key(alias=key2)
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.IllegalArgumentException: value is null",
"rolled-back" => true
}
{noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-376) The error message from import-secret-key on (secret-key-)credential-store should be more helpful
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-376?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-376:
-------------------------------
Description:
The error message from the {{import-secret-key}} operation on the {{credential-store}} and {{secret-key-credential-store}} resources should be more helpful when importing invalid key (truncated in this case)
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
{
"outcome" => "failed",
"failure-description" => "COM00501: Expected padding",
"rolled-back" => true
}
{noformat}
The same message appears when loading a file with a corrupted key.
was:
The error message from the {{import-secret-key}} operation on the {{credential store}} resourece should be more helpful when importing invalid key (truncated in this case)
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
{
"outcome" => "failed",
"failure-description" => "COM00501: Expected padding",
"rolled-back" => true
}
{noformat}
The same message appears when loading a file with a corrupted key.
> The error message from import-secret-key on (secret-key-)credential-store should be more helpful
> ------------------------------------------------------------------------------------------------
>
> Key: WFWIP-376
> URL: https://issues.redhat.com/browse/WFWIP-376
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> The error message from the {{import-secret-key}} operation on the {{credential-store}} and {{secret-key-credential-store}} resources should be more helpful when importing invalid key (truncated in this case)
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
> {
> "outcome" => "failed",
> "failure-description" => "COM00501: Expected padding",
> "rolled-back" => true
> }
> {noformat}
> The same message appears when loading a file with a corrupted key.
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-374) (secret-key-)credential-store overwrites existing aliases when generating or importing keys
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-374?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-374:
-------------------------------
Summary: (secret-key-)credential-store overwrites existing aliases when generating or importing keys (was: credential-store overwrites existing aliases when generating or importing keys)
> (secret-key-)credential-store overwrites existing aliases when generating or importing keys
> -------------------------------------------------------------------------------------------
>
> Key: WFWIP-374
> URL: https://issues.redhat.com/browse/WFWIP-374
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> The Elytron {{credential-store}} resource overwrites existing aliases when generating or importing keys, this is not consistent with the behaviour of the {{add-alias}} operation.
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
> {"outcome" => "success"}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
> {
> "outcome" => "success",
> "result" => ["a1"]
> }
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
> {"outcome" => "success"}
> -------------------------
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
> {
> "outcome" => "success",
> "result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
> }
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
> {"outcome" => "success"}
> -------------------------
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
> {"outcome" => "success"}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
> {
> "outcome" => "failed",
> "failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
> "rolled-back" => true
> }
> {noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-374) (secret-key-)credential-store overwrites existing aliases when generating or importing keys
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-374?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-374:
-------------------------------
Description:
The Elytron {{credential-store}} and {{secret-key-credential-store}} resources overwrite existing aliases when generating or importing keys, this is not consistent with the behaviour of the {{add-alias}} operation.
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
{
"outcome" => "success",
"result" => ["a1"]
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
{
"outcome" => "success",
"result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{
"outcome" => "failed",
"failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
"rolled-back" => true
}
{noformat}
was:
The Elytron {{credential-store}} resource overwrites existing aliases when generating or importing keys, this is not consistent with the behaviour of the {{add-alias}} operation.
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
{
"outcome" => "success",
"result" => ["a1"]
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
{
"outcome" => "success",
"result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{
"outcome" => "failed",
"failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
"rolled-back" => true
}
{noformat}
> (secret-key-)credential-store overwrites existing aliases when generating or importing keys
> -------------------------------------------------------------------------------------------
>
> Key: WFWIP-374
> URL: https://issues.redhat.com/browse/WFWIP-374
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> The Elytron {{credential-store}} and {{secret-key-credential-store}} resources overwrite existing aliases when generating or importing keys, this is not consistent with the behaviour of the {{add-alias}} operation.
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
> {"outcome" => "success"}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
> {
> "outcome" => "success",
> "result" => ["a1"]
> }
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
> {"outcome" => "success"}
> -------------------------
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
> {
> "outcome" => "success",
> "result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
> }
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
> {"outcome" => "success"}
> -------------------------
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
> {"outcome" => "success"}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
> {
> "outcome" => "failed",
> "failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
> "rolled-back" => true
> }
> {noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-376) The error message from import-secret-key on (secret-key-)credential-store should be more helpful
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-376?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-376:
-------------------------------
Description:
The error message from the {{import-secret-key}} operation on the {{credential store}} resourece should be more helpful when importing invalid key (truncated in this case)
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
{
"outcome" => "failed",
"failure-description" => "COM00501: Expected padding",
"rolled-back" => true
}
{noformat}
The same message appears when loading a file with a corrupted key.
was:
The error message from the {{import-secret-key}} operation on the {{credential store}} resourece should be more helpful when importing invalid key (truncated in this case)
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
{
"outcome" => "failed",
"failure-description" => "COM00501: Expected padding",
"rolled-back" => true
}
{noformat}
> The error message from import-secret-key on (secret-key-)credential-store should be more helpful
> ------------------------------------------------------------------------------------------------
>
> Key: WFWIP-376
> URL: https://issues.redhat.com/browse/WFWIP-376
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> The error message from the {{import-secret-key}} operation on the {{credential store}} resourece should be more helpful when importing invalid key (truncated in this case)
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
> {
> "outcome" => "failed",
> "failure-description" => "COM00501: Expected padding",
> "rolled-back" => true
> }
> {noformat}
> The same message appears when loading a file with a corrupted key.
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-376) The error message from import-secret-key on (secret-key-)credential-store should be more helpful
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-376?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-376:
-------------------------------
Summary: The error message from import-secret-key on (secret-key-)credential-store should be more helpful (was: The error message from import-secret-key on credential store should be more helpful)
> The error message from import-secret-key on (secret-key-)credential-store should be more helpful
> ------------------------------------------------------------------------------------------------
>
> Key: WFWIP-376
> URL: https://issues.redhat.com/browse/WFWIP-376
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> The error message from the {{import-secret-key}} operation on the {{credential store}} resourece should be more helpful when importing invalid key (truncated in this case)
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZA)
> {
> "outcome" => "failed",
> "failure-description" => "COM00501: Expected padding",
> "rolled-back" => true
> }
> {noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months
[Red Hat JIRA] (WFWIP-377) Incosistency in naming of location/path attribute of credential-store and secret-key-credential-store
by Darran Lofthouse (Jira)
[ https://issues.redhat.com/browse/WFWIP-377?page=com.atlassian.jira.plugin... ]
Darran Lofthouse commented on WFWIP-377:
----------------------------------------
As I mentioned in chat I would be more inclined to deprecate the location attribute on credential-store and switch both to use path - this would be consistent with other resources in the subsystem which pair relative-to with path instead of location.
> Incosistency in naming of location/path attribute of credential-store and secret-key-credential-store
> -----------------------------------------------------------------------------------------------------
>
> Key: WFWIP-377
> URL: https://issues.redhat.com/browse/WFWIP-377
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Major
>
> In the Elytron subsystem, the {{secret-key-credential-store}} resource has the {{path}} attribute which is inconsistent with the {{credential-store}} resource with the {{location}} attribute.
> The rest of the subsystem we have tried to stick to {{path}} and {{relative-to}} as a common pair. Maybe we could deprecate {{location}} on {{credential-store}} and add path there.
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 11 months