[jboss-jira] [JBoss JIRA] (AS7-5156) Management doesn't work with vaulted passwords in security realm correctly
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Thu Jul 12 04:34:12 EDT 2012
[ https://issues.jboss.org/browse/AS7-5156?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse reassigned AS7-5156:
-------------------------------------
Assignee: Darran Lofthouse
> Management doesn't work with vaulted passwords in security realm correctly
> --------------------------------------------------------------------------
>
> Key: AS7-5156
> URL: https://issues.jboss.org/browse/AS7-5156
> Project: Application Server 7
> Issue Type: Bug
> Affects Versions: 7.1.2.Final (EAP)
> Reporter: Andy Goldstein
> Assignee: Darran Lofthouse
>
> I've been trying to get a vaulted password working with the management interface (e.g. http://localhost:9990), but it isn't working for me. I've tried EAP 6 and I've also built the latest from the 7.1 git branch locally, and neither is successful.
> I think I've narrowed it down to the unmaskUsersPasswords method in org.jboss.as.domain.management.security.SecurityRealmAddHandler. It looks like when the for loop gets the list of properties to iterate through via users.get(USER).asPropertyList(), I think it's actually cloning each individual property. This means the property loop variable is essentially thrown away after looping, and the users variable remains unmodified. I have stepped through the debugger and can see the vault correctly decrypting my password, but when this method exits, it is no longer decrypted.
> I'd be happy to provide sample configuration files if necessary. Please let me know if you need more information.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list