[Red Hat JIRA] (WFWIP-373) :resolve-expression does not resolve encrypted expressions
by Darran Lofthouse (Jira)
[ https://issues.redhat.com/browse/WFWIP-373?page=com.atlassian.jira.plugin... ]
Darran Lofthouse commented on WFWIP-373:
----------------------------------------
I wonder if this method would have worked for Vault expressions, I will have a look.
As we discussed a little bit in the analysis it may be preferable to not support decryption using the management model but even if that is the case this method should fail with an appropriate error and not try and handle it as a system property.
> :resolve-expression does not resolve encrypted expressions
> ----------------------------------------------------------
>
> Key: WFWIP-373
> URL: https://issues.redhat.com/browse/WFWIP-373
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Major
>
> The {{:resolve-expression}} operation does not resolve encrypted expressions.
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
> {
> "outcome" => "success",
> "result" => {
> "default-resolver" => "Default",
> "prefix" => "ENC",
> "resolvers" => [
> {
> "name" => "Default",
> "credential-store" => "credentialstorethree",
> "secret-key" => "secretkey"
> },
> {
> "name" => "resolver2",
> "credential-store" => "credentialstorethree",
> "secret-key" => "secretkey2"
> }
> ]
> }
> }
> [standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
> {
> "outcome" => "success",
> "result" => {"expression" => "${ENC::RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB}"}
> }
> [standalone@localhost:9990 /] :resolve-expression(expression="${ENC::RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB}")
> {
> "outcome" => "success",
> "result" => ":RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB"
> }
> {noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFWIP-374) credential-store overwrites existing aliases when generating or importing keys
by Ondrej Kotek (Jira)
Ondrej Kotek created WFWIP-374:
----------------------------------
Summary: credential-store overwrites existing aliases when generating or importing keys
Key: WFWIP-374
URL: https://issues.redhat.com/browse/WFWIP-374
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
The Elytron {{credential-store}} resource overwrites existing aliases when generating or importing keys, this is not consistent with the behaviour of the {{add-alias}} operation.
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:read-aliases
{
"outcome" => "success",
"result" => ["a1"]
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:generate-secret-key(alias=a1)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:export-secret-key(alias=a2)
{
"outcome" => "success",
"result" => {"key" => "RUxZAUuJqp+mNwIEDMrUz0iK6dyG"}
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:import-secret-key(alias=a2,key=RUxZAUuJqp+mNwIEDMrUz0iK6dyG)
{"outcome" => "success"}
-------------------------
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=a:add-alias(alias=a2,secret-value=a2)
{
"outcome" => "failed",
"failure-description" => "WFLYELY00913: Credential alias 'a2' of credential type 'org.wildfly.security.credential.PasswordCredential' already exists in the store",
"rolled-back" => true
}
{noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFWIP-372) The resolver attribute of the create-expression operation does not auto-complete
by Darran Lofthouse (Jira)
[ https://issues.redhat.com/browse/WFWIP-372?page=com.atlassian.jira.plugin... ]
Darran Lofthouse commented on WFWIP-372:
----------------------------------------
I can have a look at this one in case I can come up with a solution but I think this may be a future feature request.
The reason we have tab completion for various resource references is because the CLI is aware of the capability requirements of a specific resource from it's read-resource-description and is able to query the available capabilities to satisfy the requirement.
In this case the individual resolvers don't offer a capability of their own. I may be able to see if that is a possible.
Other than that something we have discussed in the past in relation to other resources is the ability to provide some generic kind of lookup for allowed values that both the CLI and admin console can use.
> The resolver attribute of the create-expression operation does not auto-complete
> --------------------------------------------------------------------------------
>
> Key: WFWIP-372
> URL: https://issues.redhat.com/browse/WFWIP-372
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Major
>
> The {{resolver}} attribute of the {{/subsystem=elytron/expression=encryption:create-expression}} operation does not auto-complete in CLI.
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFWIP-373) :resolve-expression does not resolve encrypted expressions
by Ondrej Kotek (Jira)
Ondrej Kotek created WFWIP-373:
----------------------------------
Summary: :resolve-expression does not resolve encrypted expressions
Key: WFWIP-373
URL: https://issues.redhat.com/browse/WFWIP-373
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
The {{:resolve-expression}} operation does not resolve encrypted expressions.
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
{
"outcome" => "success",
"result" => {
"default-resolver" => "Default",
"prefix" => "ENC",
"resolvers" => [
{
"name" => "Default",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey"
},
{
"name" => "resolver2",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey2"
}
]
}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
{
"outcome" => "success",
"result" => {"expression" => "${ENC::RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB}"}
}
[standalone@localhost:9990 /] :resolve-expression(expression="${ENC::RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB}")
{
"outcome" => "success",
"result" => ":RUxZAUMQHrI7PMuvU+0pJ9EgITJmFPWa9iIb5yZ6i9K3mtgnY2kLo3AIL4d/GIeo7GKzSkXB"
}
{noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFWIP-371) NullPointerException when expression=encryption:create-expression uses resolver with invalid secret-key
by Ondrej Kotek (Jira)
[ https://issues.redhat.com/browse/WFWIP-371?page=com.atlassian.jira.plugin... ]
Ondrej Kotek updated WFWIP-371:
-------------------------------
Description:
NullPointerException when {{/subsystem=elytron/expression=encryption:create-expression}} uses resolver with invalid secret-key (no key under the given alias).
The failure at the end is OK, but it should not be {{NullPointerException}}:
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=credentialstorethree:read-aliases
{
"outcome" => "success",
"result" => [
"secretkey",
"key"
]
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
{
"outcome" => "success",
"result" => {
"default-resolver" => "Default",
"prefix" => "ENC",
"resolvers" => [
{
"name" => "Default",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey"
},
{
"name" => "resolver2",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey2"
}
]
}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
{
"outcome" => "success",
"result" => {"expression" => "${ENC::RUxZAUMQ+LZYf7LtJiSPV4EqY4FEk3WK2V2i4ywGhTTu/3uRQirYtvphB2A8fmK6CSlUnYUd}"}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword,resolver=resolver2)
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.NullPointerException",
"rolled-back" => true
}
{noformat}
{noformat}
08:52:49,669 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("create-expression") failed - address: ([
("subsystem" => "elytron"),
("expression" => "encryption")
]): java.lang.NullPointerException
at org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.expression.ElytronExpressionResolver.createExpression(ElytronExpressionResolver.java:139)
at org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.ExpressionResolverResourceDefinition$CreateExpressionHandler.executeRuntimeStep(ExpressionResolverResourceDefinition.java:217)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractRuntimeOnlyHandler$1.execute(AbstractRuntimeOnlyHandler.java:59)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:1040)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:779)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:468)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1415)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:431)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:248)
at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:304)
at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:270)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:248)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:240)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:138)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:162)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:158)
at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:328)
at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:285)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:158)
at org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
at org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
at org.jboss.threads@2.4.0.Final//org.jboss.threads.JBossThread.run(JBossThread.java:513)
{noformat}
was:
NullPointerException when {{/subsystem=elytron/expression=encryption:create-expression}} uses resolver with invalid secret-key (no key under the given alias).
The failure at the end is OK, but it should not be {{NullPointerException}}:
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=credentialstorethree:read-aliases
{
"outcome" => "success",
"result" => [
"secretkey",
"key"
]
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
{
"outcome" => "success",
"result" => {
"default-resolver" => "Default",
"prefix" => "ENC",
"resolvers" => [
{
"name" => "Default",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey"
},
{
"name" => "resolver2",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey2"
}
]
}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
{
"outcome" => "success",
"result" => {"expression" => "${ENC::RUxZAUMQ+LZYf7LtJiSPV4EqY4FEk3WK2V2i4ywGhTTu/3uRQirYtvphB2A8fmK6CSlUnYUd}"}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword,resolver=resolver2)
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.NullPointerException",
"rolled-back" => true
}
{noformat}
> NullPointerException when expression=encryption:create-expression uses resolver with invalid secret-key
> -------------------------------------------------------------------------------------------------------
>
> Key: WFWIP-371
> URL: https://issues.redhat.com/browse/WFWIP-371
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Major
>
> NullPointerException when {{/subsystem=elytron/expression=encryption:create-expression}} uses resolver with invalid secret-key (no key under the given alias).
> The failure at the end is OK, but it should not be {{NullPointerException}}:
> {noformat}
> [standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=credentialstorethree:read-aliases
> {
> "outcome" => "success",
> "result" => [
> "secretkey",
> "key"
> ]
> }
> [standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
> {
> "outcome" => "success",
> "result" => {
> "default-resolver" => "Default",
> "prefix" => "ENC",
> "resolvers" => [
> {
> "name" => "Default",
> "credential-store" => "credentialstorethree",
> "secret-key" => "secretkey"
> },
> {
> "name" => "resolver2",
> "credential-store" => "credentialstorethree",
> "secret-key" => "secretkey2"
> }
> ]
> }
> }
> [standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
> {
> "outcome" => "success",
> "result" => {"expression" => "${ENC::RUxZAUMQ+LZYf7LtJiSPV4EqY4FEk3WK2V2i4ywGhTTu/3uRQirYtvphB2A8fmK6CSlUnYUd}"}
> }
> [standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword,resolver=resolver2)
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.NullPointerException",
> "rolled-back" => true
> }
> {noformat}
> {noformat}
> 08:52:49,669 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("create-expression") failed - address: ([
> ("subsystem" => "elytron"),
> ("expression" => "encryption")
> ]): java.lang.NullPointerException
> at org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.expression.ElytronExpressionResolver.createExpression(ElytronExpressionResolver.java:139)
> at org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.ExpressionResolverResourceDefinition$CreateExpressionHandler.executeRuntimeStep(ExpressionResolverResourceDefinition.java:217)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractRuntimeOnlyHandler$1.execute(AbstractRuntimeOnlyHandler.java:59)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:1040)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:779)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:468)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1415)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:431)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:248)
> at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:304)
> at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:270)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:248)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:240)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:138)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:162)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:158)
> at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:328)
> at org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:285)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
> at org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:158)
> at org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
> at org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
> at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
> at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
> at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
> at java.base/java.lang.Thread.run(Thread.java:834)
> at org.jboss.threads@2.4.0.Final//org.jboss.threads.JBossThread.run(JBossThread.java:513)
> {noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFWIP-371) NullPointerException when expression=encryption:create-expression uses resolver with invalid secret-key
by Ondrej Kotek (Jira)
Ondrej Kotek created WFWIP-371:
----------------------------------
Summary: NullPointerException when expression=encryption:create-expression uses resolver with invalid secret-key
Key: WFWIP-371
URL: https://issues.redhat.com/browse/WFWIP-371
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
NullPointerException when {{/subsystem=elytron/expression=encryption:create-expression}} uses resolver with invalid secret-key (no key under the given alias).
The failure at the end is OK, but it should not be {{NullPointerException}}:
{noformat}
[standalone@localhost:9990 /] /subsystem=elytron/secret-key-credential-store=credentialstorethree:read-aliases
{
"outcome" => "success",
"result" => [
"secretkey",
"key"
]
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
{
"outcome" => "success",
"result" => {
"default-resolver" => "Default",
"prefix" => "ENC",
"resolvers" => [
{
"name" => "Default",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey"
},
{
"name" => "resolver2",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey2"
}
]
}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
{
"outcome" => "success",
"result" => {"expression" => "${ENC::RUxZAUMQ+LZYf7LtJiSPV4EqY4FEk3WK2V2i4ywGhTTu/3uRQirYtvphB2A8fmK6CSlUnYUd}"}
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword,resolver=resolver2)
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.NullPointerException",
"rolled-back" => true
}
{noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months
[Red Hat JIRA] (WFCORE-5292) Remove Java EE References from the i18n strings
by Ranabir Chakraborty (Jira)
[ https://issues.redhat.com/browse/WFCORE-5292?page=com.atlassian.jira.plug... ]
Ranabir Chakraborty commented on WFCORE-5292:
---------------------------------------------
[~dlofthouse] There are not many possible changes in WFLY-CORE for XXXLogger.java files and the LocalDescriptions.properties files. I guess putting that in one PR is good.
> Remove Java EE References from the i18n strings
> -----------------------------------------------
>
> Key: WFCORE-5292
> URL: https://issues.redhat.com/browse/WFCORE-5292
> Project: WildFly Core
> Issue Type: Task
> Components: Server
> Reporter: Yeray Borges Santana
> Assignee: Yeray Borges Santana
> Priority: Major
>
> Replace Java EE References from the i18n strings. Those strings are in the various XXXLogger.java files and the LocalDescriptions.properties files.
>
>
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
3 years, 2 months