[jboss-jira] [JBoss JIRA] (WFLY-8143) Empty secret-value is not allowed in credential stores
Josef Cacek (JIRA)
issues at jboss.org
Thu Feb 16 10:59:01 EST 2017
Josef Cacek created WFLY-8143:
---------------------------------
Summary: Empty secret-value is not allowed in credential stores
Key: WFLY-8143
URL: https://issues.jboss.org/browse/WFLY-8143
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Josef Cacek
Assignee: Darran Lofthouse
Priority: Critical
It's not possible to add an entry with empty secret-value into a credential store.
Masking the fact the password is empty is a valid scenario.
{code}
[standalone at localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add()
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0155: 'secret-value' may not be null",
"rolled-back" => true
}
[standalone at localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add(secret-value="")
{
"outcome" => "failed",
"failure-description" => "WFLYCTL0113: '' is an invalid value for parameter secret-value. Values must have a minimum length of 1 characters",
"rolled-back" => true
}
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list