[jboss-jira] [JBoss JIRA] (AS7-3102) Vault element is not written back to config file

Dmitri Voronov (Commented) (JIRA) jira-events at lists.jboss.org
Thu Jan 5 03:16:12 EST 2012 

    [ https://issues.jboss.org/browse/AS7-3102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12653970#comment-12653970 ] 

Dmitri Voronov commented on AS7-3102:
-------------------------------------

I followed the instructions from http://community.jboss.org/wiki/JBossAS7SecuringPasswords and used following vault configuration:

<vault code="org.picketbox.plugins.vault.PicketBoxSecurityVault">	
  	<vault-option name="KEYSTORE_URL" value="<DIR>/jboss/AS-7.1/standalone/configuration/vault.keystore"/>
  	<vault-option name="KEYSTORE_PASSWORD" value="MASK-8mj0bd6g0iq"/>
  	<vault-option name="KEYSTORE_ALIAS" value="vault"/>
  	<vault-option name="SALT" value="12345678"/>
  	<vault-option name="ITERATION_COUNT" value="42"/>
  	<vault-option name="ENC_FILE_DIR" value="<DIR>/jboss/AS-7.1/standalone/data/"/>
</vault>

and it is retained across several server restarts, which usually do not cause any dumping configuration  back to the config file.
But as soon I deploy an EAR, the server writes its config back to the config file and my vault is written as:
    <vault code="org.picketbox.plugins.vault.PicketBoxSecurityVault"/>

The application deployed with EAR is using the DataSource, whose PWD is masked through this vault. It sounds strange but exactly this deployment seems to be the cause of the config dumping and of "killing" of the vault config.


                
> Vault element is not written back to config file
> ------------------------------------------------
>
>                 Key: AS7-3102
>                 URL: https://issues.jboss.org/browse/AS7-3102
>             Project: Application Server 7
>          Issue Type: Sub-task
>          Components: Security
>            Reporter: Dmitri Voronov
>            Assignee: Anil Saldhana
>            Priority: Blocker
>             Fix For: 7.1.0.Final
>
>
> Please see the last comments in the origin issue

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list