[jboss-jira] [JBoss JIRA] (WFLY-7623) Multiple CredentialStores with ONE backed credential store file can rewrite values each other.

Darran Lofthouse (JIRA) issues at jboss.org
Fri Nov 18 07:25:00 EST 2016 

    [ https://issues.jboss.org/browse/WFLY-7623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13324810#comment-13324810 ] 

Darran Lofthouse commented on WFLY-7623:
----------------------------------------

[~pskopek] Where did we get to re making it possible to inject a KeyStore instead of having the file definition in the CredentialStore?

> Multiple CredentialStores with ONE backed credential store file can rewrite values each other.
> ----------------------------------------------------------------------------------------------
>
>                 Key: WFLY-7623
>                 URL: https://issues.jboss.org/browse/WFLY-7623
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>            Reporter: Hynek Švábek
>            Assignee: Peter Skopek
>
> Multiple CredentialStores with ONE backed credential store file can rewrite values each other.
> *How to reproduce*
> {code}
> /subsystem=elytron/credential-store=credStore001:add(uri="cr-store://test/cs001.jceks?store.password=pass123;create.storage=true")
> /subsystem=elytron/credential-store=credStore001/alias="alias1":add(secret-value=Elytron)
> {code}
> {code}
> /subsystem=elytron/credential-store=credStore002:add(uri="cr-store://test/cs001.jceks?store.password=pass123")
> {code}
> check CS file
> there is "alias1" entry
> {code}
> /subsystem=elytron/credential-store=credStore001/alias="alias2":add(secret-value=Elytron)
> {code}
> check CS file
> there are "alias1" and "alias2" entries
> {code}
> /subsystem=elytron/credential-store=credStore002/alias="alias123":add(secret-value=Elytron)
> {code}
> check CS file
> there are "alias1" and "alias123" entries".
> *NOTE*
> It is problem, because we have one backed file. In memory we have right values for all Credential Stores, but after restart we can lost new entries.
> In my opinion reason for this behaviour is:
> We have CS loaded in memory and when we add new alias to CS then we save whole CS from memory to file.
> We can set CS as non-modifiable when we use same backed file for CredentialStore but we must find better default behaviour.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list