[jboss-jira] [JBoss JIRA] (WFCORE-1597) Do a lenient case insensitive check for JKS keystore provider type in the configured truststore of a security realm

jaikiran pai (JIRA) issues at jboss.org
Thu Jun 16 02:06:00 EDT 2016 

    [ https://issues.jboss.org/browse/WFCORE-1597?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13253213#comment-13253213 ] 

jaikiran pai commented on WFCORE-1597:
--------------------------------------

Pull requests, to master and 2.x branch, sent:

https://github.com/wildfly/wildfly-core/pull/1616
https://github.com/wildfly/wildfly-core/pull/1615


> Do a lenient case insensitive check for JKS keystore provider type in the configured truststore of a security realm
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: WFCORE-1597
>                 URL: https://issues.jboss.org/browse/WFCORE-1597
>             Project: WildFly Core
>          Issue Type: Enhancement
>          Components: Domain Management
>    Affects Versions: 2.2.0.CR2, 3.0.0.Alpha1
>         Environment: WildFly 10.0.0.Final
>            Reporter: jaikiran pai
>            Assignee: Brian Stansberry
>
> One of the users of WildFly 10.0.0.Final reports that when he configured the truststore as follows:
> {code}
> <truststore provider="jks" path="server.truststore" relative-to="jboss.server.config.dir" keystore-password="#######"/>
> {code}
> Notice the value for provider - it's lower case jks. Apparently this causes issues and the truststore doesn't work. It works when the value is set to JKS instead. 
> Looking at the code in SecurityRealmAddHandler it does a case sensitive check on the value to see if it's a JKS provider and if it is, only then does it use the configured keystore relative path. Otherwise, it just ignores the keystore relative path and leads to hard to debug SSL issues.
> I think it would be better to do a case insensitive check to see if JKS is the configured keystore provider.
> The relevant forum thread discussion is here https://developer.jboss.org/message/958142#958142



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list