[JBoss JIRA] (WFCORE-3452) If the legacy SecurityRealm references a non-existant alias in the CredentialStore a null password is assumed.

Tuesday, 2 October 2018

     [
https://issues.jboss.org/browse/WFCORE-3452?page=com.atlassian.jira.plugi...
]

Darran Lofthouse updated WFCORE-3452:
-------------------------------------
    Priority: Minor  (was: Major)

...
 If the legacy SecurityRealm references a non-existant alias in the
CredentialStore a null password is assumed.

--------------------------------------------------------------------------------------------------------------

                 Key: WFCORE-3452
                 URL: https://issues.jboss.org/browse/WFCORE-3452
             Project: WildFly Core
          Issue Type: Bug
          Components: Management, Security
    Affects Versions: 3.0.9.Final, 4.0.0.Alpha4
            Reporter: Darran Lofthouse
            Priority: Minor

 We may need to double check CredentialStore references in general as a reference to
non-existant alias probably should cause service start up to fail.
 {noformat}
 18:41:45,072 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001:
Failed to start service org.wildfly.core.management.security.realm.SimpleSSL.key-manager:
org.jboss.msc.service.StartException in service
org.wildfly.core.management.security.realm.SimpleSSL.key-manager: WFLYDM0018: Unable to
start service
 	at
org.jboss.as.domain.management.security.AbstractKeyManagerService.start(AbstractKeyManagerService.java:91)
 	at
org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
 	at
org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
 	at java.lang.Thread.run(Thread.java:748)
 Caused by: java.security.UnrecoverableKeyException: Password must not be null
 	at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:132)
 	at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
 	at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
 	at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
 	at java.security.KeyStore.getKey(KeyStore.java:1023)
 	at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:133)
 	at
sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
 	at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
 	at
org.jboss.as.domain.management.security.AbstractKeyManagerService.createKeyManagers(AbstractKeyManagerService.java:140)
 	at
org.jboss.as.domain.management.security.AbstractKeyManagerService.start(AbstractKeyManagerService.java:89)
 	... 5 more
 {noformat} 

--
This message was sent by Atlassian Jira
(v7.12.1#712002)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006