[jboss-jira] [JBoss JIRA] (WFLY-7125) Required attributes of elytron key-store creation CLI command

Martin Choma (JIRA) issues at jboss.org
Fri Sep 16 07:42:00 EDT 2016 

     [ https://issues.jboss.org/browse/WFLY-7125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma updated WFLY-7125:
-------------------------------
    Description: 
Minimal CLI command to create key store is
{code}
/subsystem=elytron/key-store=server:add(type="JKS")
{code}

But it has these problems:
* Password attribute has to be required. I can't think of case when that could be ommited.
* Attribute {{type}} could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.

  was:
Minimal CLI command to create key store is
{code}
/subsystem=elytron/key-store=server:add(type="JKS")
{code}

But it has these problems:
* Command let me create jks keystore without {{path}} specified. It is because {{required}} attribute is default to false. I can think of 2 {{required=false}} usages:
	PKCS11
	some sort of dynamic key-store creation in runtime 

But that looks to me as less common cases. I think dominantlly user will use file-based key store type with existing keystore. So I would propose to change default {{required}} default to true.

* Password attribute has to be required. I can't think of case when that could be ommited.
* Attribute {{type}} could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.


In result it will  be possible to create key-store by this minimal CLI command:
{code}
/subsystem=elytron/key-store=server:add(path="server.jks", password="secret")
{code}



> Required attributes of elytron key-store creation CLI command
> -------------------------------------------------------------
>
>                 Key: WFLY-7125
>                 URL: https://issues.jboss.org/browse/WFLY-7125
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 11.0.0.Alpha1
>            Reporter: Martin Choma
>            Assignee: Darran Lofthouse
>            Priority: Critical
>
> Minimal CLI command to create key store is
> {code}
> /subsystem=elytron/key-store=server:add(type="JKS")
> {code}
> But it has these problems:
> * Password attribute has to be required. I can't think of case when that could be ommited.
> * Attribute {{type}} could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list