[jboss-jira] [JBoss JIRA] (ELY-1148) Wildfly Elytron Tool, Vault command summary output contains MASKed password even when user uses plain-text password.
Hynek Švábek (JIRA)
issues at jboss.org
Wed May 10 09:40:00 EDT 2017
[ https://issues.jboss.org/browse/ELY-1148?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hynek Švábek closed ELY-1148.
-----------------------------
Release Notes Text: It will be documented only.
Resolution: Won't Fix
> Wildfly Elytron Tool, Vault command summary output contains MASKed password even when user uses plain-text password.
> --------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1148
> URL: https://issues.jboss.org/browse/ELY-1148
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
> Priority: Critical
>
> Vault command summary output contains MASKed password even when user uses plain-text password. It is masked through default values of SALT and ITERATION.
> There must be at least an information in help that plain-text password will be masked in summary output and as SALT and ITERATION will be used default values.
> {code}
> java -jar wildfly-elytron-tool.jar vault --enc-dir ./ --keystore server.store --keystore-password secretsecret --location cs012.jceks --alias jboss --summaryVault (enc-dir="./";keystore="server.store") converted to credential store "cs012.jceks"
> Vault Conversion summary:
> --------------------------------------
> Vault Conversion Successful
> CLI command to add new credential store:
> /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="cs012.jceks",implementation-properties={},credential-reference={clear-text="MASK-13KrO2ZNhwNg3UxmIt.02D;12345678;23"})
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list