[jboss-jira] [JBoss JIRA] (WFCORE-2923) Credential reference integration with client-certificate-store does not work

ehsavoie Hugonnet (JIRA) issues at jboss.org
Tue Jun 6 10:36:00 EDT 2017


     [ https://issues.jboss.org/browse/WFCORE-2923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ehsavoie Hugonnet reassigned WFCORE-2923:
-----------------------------------------

    Assignee: ehsavoie Hugonnet  (was: Darran Lofthouse)


> Credential reference integration with client-certificate-store does not work
> ----------------------------------------------------------------------------
>
>                 Key: WFCORE-2923
>                 URL: https://issues.jboss.org/browse/WFCORE-2923
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Martin Choma
>            Assignee: ehsavoie Hugonnet
>            Priority: Blocker
>
> WFCORE-2483 introduced the attributes {{keystore-password-credential-reference}} and {{key-password-credential-reference}} in the resource {{client-certificate-store}}, which is used when the syslog server requires client authentication during the TLS handshake.
> However, this integration does not work.
> Looking into SyslogAuditLogHandler.java, I am missing the credential reference retrieval code {{CredentialReference.getCredentialSourceSupplier}}.
> {code:java|title=SyslogAuditLogHandler.java}
> if (transport == Transport.TLS){
>     final SSLContext context = SSLContext.getInstance("TLS");
>     KeyManager[] keyManagers = null;
>     if (tlsClientCertStorePath != null){
>         final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>         final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsClientCertStorePath, tlsClientCertStoreRelativeTo));
>         try {
>             final KeyStore ks = KeyStore.getInstance("JKS");
>             ks.load(in, tlsClientCertStorePassword.toCharArray());
>             kmf.init(ks, tlsClientCertStoreKeyPassword != null ? tlsClientCertStoreKeyPassword.toCharArray() : tlsClientCertStorePassword.toCharArray());
>             keyManagers = kmf.getKeyManagers();
>         } finally {
>             IoUtils.safeClose(in);
>         }
>     }
>     TrustManager[] trustManagers = null;
>     if (tlsTrustStorePath != null){
>         final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
>         final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsTrustStorePath, tlsTrustStoreRelativeTo));
>         try {
>             final KeyStore ks = KeyStore.getInstance("JKS");
>             ks.load(in, tlsTrustStorePassword.toCharArray());
>             tmf.init(ks);
>             trustManagers = tmf.getTrustManagers();
>         } finally {
>             IoUtils.safeClose(in);
>         }
>     }
> {code}
> Test (Ignored) https://github.com/wildfly/wildfly-core/pull/2513



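An added sketch of the password resolution step the report says is missing (this is not WildFly's code and not the fix for this issue). It uses only the JDK: the Callable<char[]> stands in for a credential source supplier, and resolve, loadKeyManagers and the class name are hypothetical. It assumes the plain-text password attributes are null when only a credential reference is configured.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.concurrent.Callable;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;

public class ClientCertStorePasswordDemo {
    // Hypothetical resolver: prefer the credential reference, fall back to the plain-text attribute.
    static char[] resolve(Callable<char[]> ref, String legacy, String what) throws Exception {
        char[] secret = ref != null ? ref.call() : null;
        if (secret != null) return secret;
        if (legacy != null) return legacy.toCharArray();
        throw new IllegalStateException("no password configured for " + what);
    }

    static KeyManager[] loadKeyManagers(byte[] store, Callable<char[]> storeRef, String storePlain,
                                        Callable<char[]> keyRef, String keyPlain) throws Exception {
        char[] storePw = resolve(storeRef, storePlain, "keystore");
        // As in the quoted snippet, the key password defaults to the keystore password.
        char[] keyPw = (keyRef != null || keyPlain != null) ? resolve(keyRef, keyPlain, "key") : storePw;
        try (ByteArrayInputStream in = new ByteArrayInputStream(store)) {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(in, storePw);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, keyPw);
            return kmf.getKeyManagers();
        } finally {
            Arrays.fill(storePw, '\0'); // do not keep resolved secrets in memory
            Arrays.fill(keyPw, '\0');
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty JKS store protected by a made-up password.
        char[] secret = "constructed-secret".toCharArray();
        KeyStore empty = KeyStore.getInstance("JKS");
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, secret);
        // Only the credential reference is set; both plain-text attributes are null (assumption).
        KeyManager[] kms = loadKeyManagers(out.toByteArray(), () -> secret.clone(), null, null, null);
        System.out.println("credential reference path: " + kms.length + " key manager(s)");
        // With neither a reference nor a plain-text password, fail with a clear configuration error.
        try { loadKeyManagers(out.toByteArray(), null, null, null, null); }
        catch (IllegalStateException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```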