[jboss-jira] [JBoss JIRA] (WFLY-7125) Required attributes of elytron key-store creation CLI command

Martin Choma (JIRA) issues at jboss.org
Fri Sep 16 05:27:05 EDT 2016 

     [ https://issues.jboss.org/browse/WFLY-7125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma moved JBEAP-6035 to WFLY-7125:
-------------------------------------------

              Project: WildFly  (was: JBoss Enterprise Application Platform)
                  Key: WFLY-7125  (was: JBEAP-6035)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: Security
                           (was: Security)
    Affects Version/s: 11.0.0.Alpha1
                           (was: 7.1.0.DR4)


> Required attributes of elytron key-store creation CLI command
> -------------------------------------------------------------
>
>                 Key: WFLY-7125
>                 URL: https://issues.jboss.org/browse/WFLY-7125
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 11.0.0.Alpha1
>            Reporter: Martin Choma
>            Assignee: Darran Lofthouse
>            Priority: Critical
>
> Minimal CLI command to create key store is
> {code}
> /subsystem=elytron/key-store=server:add(type="JKS")
> {code}
> But it has these problems:
> * Command let me create jks keystore without {{path}} specified. It is because {{required}} attribute is default to false. I can think of 2 {{required=false}} usages:
> 	PKCS11
> 	some sort of dynamic key-store creation in runtime 
> But that looks to me as less common cases. I think dominantlly user will use file-based key store type with existing keystore. So I would propose to change default {{required}} default to true.
> * Password attribute has to be required. I can't think of case when that could be ommited.
> * Attribute {{type}} could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.
> In result it will  be possible to create key-store by this minimal CLI command:
> {code}
> /subsystem=elytron/key-store=server:add(path="server.jks", password="secret")
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list