[jboss-jira] [JBoss JIRA] (WFCORE-3434) ERROR in logs while using vault in system properties
Chao Wang (JIRA)
issues at jboss.org
Tue Nov 28 03:24:00 EST 2017
[ https://issues.jboss.org/browse/WFCORE-3434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13494508#comment-13494508 ]
Chao Wang commented on WFCORE-3434:
-----------------------------------
The false error is logged in [RuntimeVaultReader.java|https://github.com/wildfly/wildfly-core/pull/2087/files#diff-34140f86bafe6ff85e557ec43ee04db3R133]. This happens because previous fix for WFCORE-2182 decides to log a message instead of throwing an exception in [ServerLogger.java|https://github.com/wildfly/wildfly-core/pull/2087/files#diff-45dc1f8e3e3da4c01fb1af4b027c97c6R1154]
When there is system properties needs vault resolution, this kind resolution exception needs to be caught in SystemPropertyAddHandler which gives a second chance to resolve system property later in SystemPropertyDeferredProcessor after vault is being created. Looking at comments before log the error, it's supposed to help user to understand reason for next NoSuchItemException, However this causes confusion error to terminal when someone uses VALUT value in system properties as they're actually resolved by SystemPropertyDeferredProcessor.
I think we can remove the error and let SystemPropertyAddHandler handles failures as before, or update log level to DEBUG, in that case, people should still be aware of the possible debug message before applying SystemPropertyDeferredProcessor.
> ERROR in logs while using vault in system properties
> ----------------------------------------------------
>
> Key: WFCORE-3434
> URL: https://issues.jboss.org/browse/WFCORE-3434
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 4.0.0.Alpha3
> Environment: JBoss EAP 7.1 Beta
> Reporter: Chao Wang
> Assignee: Chao Wang
> Priority: Minor
>
> Getting below ERROR message in server.log when *Picketbox Vault expressions* used in *system properties*.:
> {code:java}
> ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0230: Vault is not initialized; resolution of vault expressions is not possible
> {code}
> Below expressions are resolving fine but due to race condition this ERROR message got printed in the logs.
> {code:java}
> <system-properties>
> <property name="javax.net.ssl.trustStore" value="/home/jboss-eap-7.1/vault/vault.keystore"/>
> <property name="javax.net.ssl.trustStorePassword" value="${VAULT::datasource::password::1}"/>
> </system-properties>
> <vault>
> <vault-option name="KEYSTORE_URL" value="/home/jboss-eap-7.1/vault/vault.keystore"/>
> <vault-option name="KEYSTORE_PASSWORD" value="MASK-2GAtdnlXL8H"/>
> <vault-option name="KEYSTORE_ALIAS" value="vault"/>
> <vault-option name="SALT" value="12345678"/>
> <vault-option name="ITERATION_COUNT" value="44"/>
> <vault-option name="ENC_FILE_DIR" value="/home/jboss-eap-7.1/vault/"/>
> </vault>
> {code}
> Expression is actually resolving to the correct value and that can be check using below CLI command :
> {code:java}
> /core-service=platform-mbean/type=runtime:read-attribute(name=system-properties).
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list