[
https://issues.jboss.org/browse/AS7-4868?page=com.atlassian.jira.plugin.s...
]
Geoffrey Bays updated AS7-4868:
-------------------------------
Description:
When using the standard standalone.bat file and vault mechanism for masking the keystore
password (see
https://community.jboss.org/wiki/JBossAS7SecuringPasswords) the JBoss code
that reads the jboss.home.dir in the vault section in standalone.xml
removes all file separators from the jboss home path. If the full path to the keystore
file and jboss home dir are hardcoded into the vault xml fragment, then the vault works
fine.I have tried all combinations of file separators in
standalone.bat and in a separate properties file, but the separators are all removed. The
echo of JBOSS_HOME_DIR from standalone.bat gives D:\projects\jboss7 with the proper file
separators.(see stacktrace) The error starts with:
...SecurityVaultException: PB00019: Processing Failed: D:projectsjboss7/apphome/vault does
not exist.
Vault xml:
<vault>
<vault-option name="KEYSTORE_URL"
value="${jboss.server.config.dir}/localhost.keystore" /> // hardcoded path
works
...
<vault-option name="ENC_FILE_DIR"
value="${jboss.home.dir}/apphome/vault" /> // hardcoded path works
</vault>
End of standalone.bat after :RESTART (double quotes not doing anything)
-Djboss.home.dir="%JBOSS_HOME%" ^ // can hardcode path with any type of
separators here and they all go away
Full Stacktrace:
D:\projects\jboss7\bin>standalone.bat
Calling "D:\projects\jboss7\bin\standalone.conf.bat"
===============================================================================
JBoss Bootstrap Environment
JBOSS_HOME: D:\projects\jboss7
JAVA: C:\Program Files (x86)\Java\jdk1.6.0_32\bin\java
JAVA_OPTS: -XX:+TieredCompilation -Dprogram.name=standalone.bat -Xms512M -Xmx1024M
-XX:MaxPermSize
=512M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000
-Djava.net.pre
ferIPv4Stack=true -Dorg.jboss.resolver.warning=true
-Djboss.modules.system.pkgs=org.jboss.byteman -D
jboss.server.default.config=standalone.xml
-Xrunjdwp:transport=dt_socket,address=12999,server=y,susp
end=n -Dtcaims.home=W:\projects\jboss7\tcaimshome -DdevelopmentConfig=true -DTheaterOps=0
===============================================================================
Listening for transport dt_socket at address: 12999
18:37:35,762 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA
18:37:35,871 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA
18:37:35,887 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes"
starting
18:37:36,308 INFO [org.jboss.security.vault.SecurityVaultFactory] Getting Security Vault
with imple
mentation of org.picketbox.plugins.vault.PicketBoxSecurityVault
18:37:36,308 ERROR [org.jboss.as.controller.management-operation] JBAS014612: Operation
("add") fail
ed - address: ([("core-service" => "vault")]):
java.lang.RuntimeException: JBAS015804: Error initial
izing vault -- org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault
.SecurityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019:
Processing Failed
: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:115)
at
org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:50)
[jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.ParallelBootOperationStepHandler.execute(ParallelBootOperationSte
pHandler.java:161) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:168)
[jboss-as-
controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:190
) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.server.ServerService.boot(ServerService.java:291)
at org.jboss.as.server.ServerService.boot(ServerService.java:266)
at
org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:15
5) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_32]
Caused by: org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault.Secu
rityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing
Failed: D:pr
ojectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:84)
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:113)
... 14 more
Caused by: org.jboss.security.vault.SecurityVaultException:
org.jboss.security.vault.SecurityVaultEx
ception: PB00019: Processing Failed: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:199)
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:82)
... 15 more
Caused by: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed:
D:projectsjbo
ss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:177)
... 16 more
18:37:36,339 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an
unrecoverable mann
er; exiting. See previous messages for details.
18:37:36,355 INFO [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final "Brontes"
stopped in 2ms
was:
When using the standard standalone.bat file and vault mechanism for masking the keystore
password (see
https://community.jboss.org/wiki/JBossAS7SecuringPasswords) the JBoss code
that reads the jboss.home.dir in the vault section in standalone.xml
removes all file separators from the jboss home path. If the full path to the keystore
file and jboss home dir are hardcoded into the vault xml fragment, then the vault works
fine.I have tried all combinations of file separators in
standalone.bat and in a separate properties file, but the separators are all removed. The
echo of JBOSS_HOME_DIR from standalone.bat gives D:\projects\jboss7 with the proper file
separators.(see stacktrace) The error starts with:
...SecurityVaultException: PB00019: Processing Failed: D:projectsjboss7/apphome/vault does
not exist.
Vault xml:
<vault>
<vault-option name="KEYSTORE_URL"
value="${jboss.server.config.dir}/localhost.keystore" /> // hardcoded path
works
...
<vault-option name="ENC_FILE_DIR"
value="${jboss.home.dir}/apphome/vault" /> // hardcoded path works
</vault>
End of standalone.bat after :RESTART (double quotes not doing anything)
-Djboss.home.dir="%JBOSS_HOME%" ^ // can hardcode path with any type of
separators here and they all go away
Full Stacktrace:
D:\projects\jboss7\bin>standalone.bat
Calling "D:\projects\jboss7\bin\standalone.conf.bat"
===============================================================================
JBoss Bootstrap Environment
JBOSS_HOME: D:\projects\jboss7
JAVA: C:\Program Files (x86)\Java\jdk1.6.0_32\bin\java
JAVA_OPTS: -XX:+TieredCompilation -Dprogram.name=standalone.bat -Xms512M -Xmx1024M
-XX:MaxPermSize
=512M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000
-Djava.net.pre
ferIPv4Stack=true -Dorg.jboss.resolver.warning=true
-Djboss.modules.system.pkgs=org.jboss.byteman -D
jboss.server.default.config=standalone.xml
-Xrunjdwp:transport=dt_socket,address=12999,server=y,susp
end=n -Dtcaims.home=W:\projects\jboss7\tcaimshome -DdevelopmentConfig=true -DTheaterOps=0
===============================================================================
Listening for transport dt_socket at address: 12999
18:37:35,762 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA
18:37:35,871 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA
18:37:35,887 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes"
starting
18:37:36,308 INFO [org.jboss.security.vault.SecurityVaultFactory] Getting Security Vault
with imple
mentation of org.picketbox.plugins.vault.PicketBoxSecurityVault
18:37:36,308 ERROR [org.jboss.as.controller.management-operation] JBAS014612: Operation
("add") fail
ed - address: ([("core-service" => "vault")]):
java.lang.RuntimeException: JBAS015804: Error initial
izing vault -- org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault
.SecurityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019:
Processing Failed
: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:115)
at
org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:50)
[jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.ParallelBootOperationStepHandler.execute(ParallelBootOperationSte
pHandler.java:161) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:168)
[jboss-as-
controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:190
) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.server.ServerService.boot(ServerService.java:291)
at org.jboss.as.server.ServerService.boot(ServerService.java:266)
at
org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:15
5) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_32]
Caused by: org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault.Secu
rityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing
Failed: D:pr
ojectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:84)
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:113)
... 14 more
Caused by: org.jboss.security.vault.SecurityVaultException:
org.jboss.security.vault.SecurityVaultEx
ception: PB00019: Processing Failed: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:199)
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:82)
... 15 more
Caused by: org.jboss.security.vault.SecurityVaultException: PB00019: Processing
Failed:D:projectsjbo
ss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:177)
... 16 more
18:37:36,339 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an
unrecoverable mann
er; exiting. See previous messages for details.
18:37:36,355 INFO [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final "Brontes"
stopped in 2ms
Forum Reference:
https://community.jboss.org/wiki/JBossAS7SecuringPasswords (was:
https://community.jboss.org/wiki/JBossAS7SecuringPasswords)
JBoss Vault does not parse file paths on Windows correctly
----------------------------------------------------------
Key: AS7-4868
URL:
https://issues.jboss.org/browse/AS7-4868
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.1.1.Final
Environment: Windows 7 64-bit, JDK 1.6.0_32, JBoss 7.1.1 Final 'Brontes'
Reporter: Geoffrey Bays
Assignee: Anil Saldhana
Priority: Blocker
Labels: new_and_noteworthy
Fix For: 7.0.2.SP1
When using the standard standalone.bat file and vault mechanism for masking the keystore
password (see
https://community.jboss.org/wiki/JBossAS7SecuringPasswords) the JBoss code
that reads the jboss.home.dir in the vault section in standalone.xml
removes all file separators from the jboss home path. If the full path to the keystore
file and jboss home dir are hardcoded into the vault xml fragment, then the vault works
fine.I have tried all combinations of file separators in
standalone.bat and in a separate properties file, but the separators are all removed. The
echo of JBOSS_HOME_DIR from standalone.bat gives D:\projects\jboss7 with the proper file
separators.(see stacktrace) The error starts with:
...SecurityVaultException: PB00019: Processing Failed: D:projectsjboss7/apphome/vault
does not exist.
Vault xml:
<vault>
<vault-option name="KEYSTORE_URL"
value="${jboss.server.config.dir}/localhost.keystore" /> // hardcoded path
works
...
<vault-option name="ENC_FILE_DIR"
value="${jboss.home.dir}/apphome/vault" /> // hardcoded path works
</vault>
End of standalone.bat after :RESTART (double quotes not doing anything)
-Djboss.home.dir="%JBOSS_HOME%" ^ // can hardcode path with any type of
separators here and they all go away
Full Stacktrace:
D:\projects\jboss7\bin>standalone.bat
Calling "D:\projects\jboss7\bin\standalone.conf.bat"
===============================================================================
JBoss Bootstrap Environment
JBOSS_HOME: D:\projects\jboss7
JAVA: C:\Program Files (x86)\Java\jdk1.6.0_32\bin\java
JAVA_OPTS: -XX:+TieredCompilation -Dprogram.name=standalone.bat -Xms512M -Xmx1024M
-XX:MaxPermSize
=512M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000
-Djava.net.pre
ferIPv4Stack=true -Dorg.jboss.resolver.warning=true
-Djboss.modules.system.pkgs=org.jboss.byteman -D
jboss.server.default.config=standalone.xml
-Xrunjdwp:transport=dt_socket,address=12999,server=y,susp
end=n -Dtcaims.home=W:\projects\jboss7\tcaimshome -DdevelopmentConfig=true
-DTheaterOps=0
===============================================================================
Listening for transport dt_socket at address: 12999
18:37:35,762 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA
18:37:35,871 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA
18:37:35,887 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes"
starting
18:37:36,308 INFO [org.jboss.security.vault.SecurityVaultFactory] Getting Security Vault
with imple
mentation of org.picketbox.plugins.vault.PicketBoxSecurityVault
18:37:36,308 ERROR [org.jboss.as.controller.management-operation] JBAS014612: Operation
("add") fail
ed - address: ([("core-service" => "vault")]):
java.lang.RuntimeException: JBAS015804: Error initial
izing vault -- org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault
.SecurityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019:
Processing Failed
: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:115)
at
org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:50)
[jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.ParallelBootOperationStepHandler.execute(ParallelBootOperationSte
pHandler.java:161) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.jav
a:385) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.
java:272) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.ja
va:200) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:168)
[jboss-as-
controller-7.1.1.Final.jar:7.1.1.Final]
at
org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:190
) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.server.ServerService.boot(ServerService.java:291)
at org.jboss.as.server.ServerService.boot(ServerService.java:266)
at
org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:15
5) [jboss-as-controller-7.1.1.Final.jar:7.1.1.Final]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_32]
Caused by: org.jboss.as.server.services.security.VaultReaderException:
org.jboss.security.vault.Secu
rityVaultException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing
Failed: D:pr
ojectsjboss7/tcaimshome/vault/ does not exist
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:84)
at
org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java
:113)
... 14 more
Caused by: org.jboss.security.vault.SecurityVaultException:
org.jboss.security.vault.SecurityVaultEx
ception: PB00019: Processing Failed: D:projectsjboss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:199)
at
org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:82)
... 15 more
Caused by: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed:
D:projectsjbo
ss7/tcaimshome/vault/ does not exist
at
org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:177)
... 16 more
18:37:36,339 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an
unrecoverable mann
er; exiting. See previous messages for details.
18:37:36,355 INFO [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final "Brontes"
stopped in 2ms
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira