[jboss-jira] [JBoss JIRA] (WFLY-7865) We cannot define CS file location outside of EAP directory
Brian Stansberry (JIRA)
issues at jboss.org
Wed Jan 11 10:21:01 EST 2017
[ https://issues.jboss.org/browse/WFLY-7865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13346593#comment-13346593 ]
Brian Stansberry commented on WFLY-7865:
----------------------------------------
[~hsvabek] Great. :)
FYI, an expression works too for people who don't want to configure a fixed path that may not be valid in all environments. That can be handy for something with a well known system property like java.io.tmpdir:
{code}
[standalone at embedded /] /path=java.io.tmpdir:add(path=${java.io.tmpdir})
{"outcome" => "success"}
[standalone at embedded /] /path=java.io.tmpdir:read-attribute(name=path,resolve-expressions=false)
{
"outcome" => "success",
"result" => expression "${java.io.tmpdir}"
}
[standalone at embedded /] /path=java.io.tmpdir:read-attribute(name=path,resolve-expressions=true)
{
"outcome" => "success",
"result" => "/var/folders/_6/kpk00m_142x4r75q8fr3kkfw0000gn/T/"
}
{code}
We could consider adding java.io.tmpdir to the list of standard paths we always install. That might be a minor migration hassle though for people that already set it themselves. We reject configs that attempt to directly set the standard paths. It would be a somewhat bigger migration hassle for people that already set it themselves, but to a different value than what the system property says. They'd have to use a new name for the path if they want to keep their existing value.
> We cannot define CS file location outside of EAP directory
> ----------------------------------------------------------
>
> Key: WFLY-7865
> URL: https://issues.jboss.org/browse/WFLY-7865
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
> Assignee: Peter Skopek
> Priority: Critical
>
> We aren't able define location of CS file outside of EAP directory. When user has CS file on NFS he isn't able to reach this file.
> Define CS file location to JBOSS_HOME/Standalone/data directory:
> {code}
> /subsystem=elytron/credential-store=CredStore001:add(uri="cr-store://test/cs123.jceks?create.storage=true", credential-reference={clear-text=pass123}, relative-to=jboss.server.data.dir)
> {code}
> When I try set relative to TEMP directory:
> {code}
> /subsystem=elytron/credential-store=CredStore002:add(uri="cr-store://test/cs123.jceks?create.storage=true", credential-reference={clear-text=pass123}, relative-to=java.io.tmpdir)
> {code}
> I get this error
> {code}
> {
> "outcome" => "failed",
> "failure-description" => {
> "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"java.io.tmpdir\""],
> "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.credential-store.CredStore002 is missing [jboss.server.path.\"java.io.tmpdir\"]"]
> },
> "rolled-back" => true
> }
> {code}
> *NOTE:*
> *relative-to* is resolved here https://github.com/wildfly-security/elytron-subsystem/blob/c223be428b9a6fa2a39c0187d338793aa82ff5fd/src/main/java/org/wildfly/extension/elytron/CredentialStoreResourceDefinition.java#L218
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list