[jboss-jira] [JBoss JIRA] (WFCORE-2199) RuntimeExpressionResolver does not fail upon seeing a vault expression if no VaultReader is present
Brian Stansberry (JIRA)
issues at jboss.org
Mon Jan 16 15:17:00 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2199?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated WFCORE-2199:
-------------------------------------
Description:
If the server is unable to instantiate RuntimeVaultReader, which will be the case for the WildFly Core dist as it doesn't package the org.picketbox module needed by RuntimeVaultReader, then RuntimeExpressionResolver will ignore vault expressions, allowing the superclass to take over and process them. This will be done incorrectly, as the superclass will treat the first ':' in the vault expression as the delimiter between a system property name and the default value, resolving the expression to everything after that first ':'. So
{code}
${VAULT::datasources::password::123AB45CD}
{code}
resolves to
{code}
:datasources::password::123AB45CD
{code}
Minor as the resolved value is unlikely to be useful, so there will be a failure.
Possibly could be treated as an Enhancement.
Fix would be for RuntimeExpressionResolver to check for the vault expression pattern and throw NoSuchItemException if found and not VaultReader is available.
was:
If the server is unable to instantiate RuntimeVaultReader, which will be the case for the WildFly Core dist as it doesn't package the org.picketbox module needed by RuntimeVaultReader, then RuntimeExpressionResolver will ignore vault expressions, allowing the superclass to take over and process them. This will be done incorrectly, as the superclass will treat the first ':' in the vault expression as the delimiter between a system property name and the default value, resolving the expression to everything after that first ':'. So
${VAULT::datasources::password::123AB45CD}
resolves to
:datasources::password::123AB45CD
Minor as the resolved value is unlikely to be useful, so there will be a failure.
Possibly could be treated as an Enhancement.
Fix would be for RuntimeExpressionResolver to check for the vault expression pattern and throw NoSuchItemException if found and not VaultReader is available.
> RuntimeExpressionResolver does not fail upon seeing a vault expression if no VaultReader is present
> ---------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2199
> URL: https://issues.jboss.org/browse/WFCORE-2199
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
> Priority: Minor
>
> If the server is unable to instantiate RuntimeVaultReader, which will be the case for the WildFly Core dist as it doesn't package the org.picketbox module needed by RuntimeVaultReader, then RuntimeExpressionResolver will ignore vault expressions, allowing the superclass to take over and process them. This will be done incorrectly, as the superclass will treat the first ':' in the vault expression as the delimiter between a system property name and the default value, resolving the expression to everything after that first ':'. So
> {code}
> ${VAULT::datasources::password::123AB45CD}
> {code}
> resolves to
> {code}
> :datasources::password::123AB45CD
> {code}
> Minor as the resolved value is unlikely to be useful, so there will be a failure.
> Possibly could be treated as an Enhancement.
> Fix would be for RuntimeExpressionResolver to check for the vault expression pattern and throw NoSuchItemException if found and not VaultReader is available.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list