[Red Hat JIRA] (WFWIP-371) NullPointerException when expression=encryption:create-expression uses resolver with invalid secret-key
7:49 a.m.
[
https://issues.redhat.com/browse/WFWIP-371?page=com.atlassian.jira.plugin...
]
Darran Lofthouse commented on WFWIP-371:
----------------------------------------
Going to move this one up to critical as well to prioritise, I think accurate error
reporting of the new operations is going to be important.
Moving into using expressions we do loose some of the referential integrity that
capabilities and requirements provided but where we have a situation like this we should
have something more meaningful to report.
NullPointerException when expression=encryption:create-expression
uses resolver with invalid secret-key
-------------------------------------------------------------------------------------------------------
Key: WFWIP-371
URL: https://issues.redhat.com/browse/WFWIP-371
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
Priority: Critical
NullPointerException when {{/subsystem=elytron/expression=encryption:create-expression}}
uses resolver with invalid secret-key (no key under the given alias).
The failure at the end is OK, but it should not be {{NullPointerException}}:
{noformat}
[standalone@localhost:9990 /]
/subsystem=elytron/secret-key-credential-store=credentialstorethree:read-aliases
{
"outcome" => "success",
"result" => [
"secretkey",
"key"
]
}
[standalone@localhost:9990 /] /subsystem=elytron/expression=encryption:read-resource
{
"outcome" => "success",
"result" => {
"default-resolver" => "Default",
"prefix" => "ENC",
"resolvers" => [
{
"name" => "Default",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey"
},
{
"name" => "resolver2",
"credential-store" => "credentialstorethree",
"secret-key" => "secretkey2"
}
]
}
}
[standalone@localhost:9990 /]
/subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword)
{
"outcome" => "success",
"result" => {"expression" =>
"${ENC::RUxZAUMQ+LZYf7LtJiSPV4EqY4FEk3WK2V2i4ywGhTTu/3uRQirYtvphB2A8fmK6CSlUnYUd}"}
}
[standalone@localhost:9990 /]
/subsystem=elytron/expression=encryption:create-expression(clear-text=CredentialStoreTwoPassword,resolver=resolver2)
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0158: Operation handler failed:
java.lang.NullPointerException",
"rolled-back" => true
}
{noformat}
{noformat}
08:52:49,669 ERROR [org.jboss.as.controller.management-operation]
(management-handler-thread - 1) WFLYCTL0013: Operation ("create-expression")
failed - address: ([
("subsystem" => "elytron"),
("expression" => "encryption")
]): java.lang.NullPointerException
at
org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.expression.ElytronExpressionResolver.createExpression(ElytronExpressionResolver.java:139)
at
org.wildfly.extension.elytron@15.0.0.Beta1-SNAPSHOT//org.wildfly.extension.elytron.ExpressionResolverResourceDefinition$CreateExpressionHandler.executeRuntimeStep(ExpressionResolverResourceDefinition.java:217)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractRuntimeOnlyHandler$1.execute(AbstractRuntimeOnlyHandler.java:59)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:1040)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:779)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:468)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1415)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:431)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:248)
at
org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:304)
at
org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:270)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:248)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:240)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:138)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:162)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:158)
at
org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:328)
at
org.wildfly.security.elytron-private@1.14.3.CR1-SNAPSHOT//org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:285)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
at
org.jboss.as.controller@15.0.0.Beta1-SNAPSHOT//org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:158)
at
org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
at
org.jboss.as.protocol@15.0.0.Beta1-SNAPSHOT//org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
at
org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at
org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at
org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at
org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
at
org.jboss.threads@2.4.0.Final//org.jboss.threads.JBossThread.run(JBossThread.java:513)
{noformat}
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
1317
days inactive
1317
days old
0 comments
1 participants
participants (1)
-
Darran Lofthouse (Jira)