[jboss-jira] [JBoss JIRA] (AS7-3419) JBossWeb::ssl element in connector settings should check for vaultified strings
[
https://issues.jboss.org/browse/AS7-3419?page=com.atlassian.jira.plugin.s...
]
Tomaz Cerar commented on AS7-3419:
----------------------------------
I see your problem, expressions are resolved the proper way, that is by calling
OperationContext.resolveExpression(node)
that one then decides how to resolve expression. RuntimeExpressionResolver class is the
one that actually resolves Vault expressions.
I can confirm that this is a bug in RuntimeExpressionResolver as it should not remove last
character... let me test this more toughly as resolver is global for resolving all
expressions
JBossWeb::ssl element in connector settings should check for
vaultified strings
-------------------------------------------------------------------------------
Key: AS7-3419
URL: https://issues.jboss.org/browse/AS7-3419
Project: Application Server 7
Issue Type: Feature Request
Components: Web
Affects Versions: 7.1.0.CR1
Reporter: Anil Saldhana
Assignee: Tomaz Cerar
Fix For: 7.1.0.Final
Currently, the passwords in the ssl element of the connector settings are in clear text.
https://community.jboss.org/wiki/JBossAS7SecuringPasswords describes very simple ways
of checking whether a string is of the vault format and invoking the vault to get the
decrypted string value.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira