[jboss-jira] [JBoss JIRA] (ELY-1608) Keystores do not expose same operation
Martin Choma (JIRA)
issues at jboss.org
Thu Jul 12 07:36:00 EDT 2018
Martin Choma created ELY-1608:
---------------------------------
Summary: Keystores do not expose same operation
Key: ELY-1608
URL: https://issues.jboss.org/browse/ELY-1608
Project: WildFly Elytron
Issue Type: Bug
Components: KeyStores
Affects Versions: 1.4.0.Final
Reporter: Martin Choma
This JIRA is in this stage for discussion purposed.
In context of https://issues.jboss.org/browse/PRODMGT-1907 I have compared operations of resources providing same capability in elytron subsystem.
I want to discuss.
*
{code}
diff key-store.operations ldap-key-store.operations
5,9d4
< "change-alias",
< "export-certificate",
< "generate-certificate-signing-request",
< "generate-key-pair",
< "import-certificate",
14d8
< "load",
34d27
< "store",
{code}
load() was introduced by EAP7-455
rest of operations were introduced by EAP7-650
Now question is if these operations (load() is already covered by PRODMGT-1907) shouldn be also in `ldap-key-store`.
* filtering-key-store
should it also contain extended operations or it is enough only underlying key-store has them
*
Keystore capability org.wildfly.security.key-store is referenced in filtering-key-store, key-manager, trust-manager, keystore-realm, token-realm . Is it necessary to propagate load operation also to these resources.
key-manager has init() operation. trust-manager does not have such operation but went through EAP7-455 so is probably ok. filtering-key-store probably does not "cache" keystore but request underlying keystore. What about keystore-realm, token-realm ?
* Although same resources "provide" same capability (org.wildfly.security.key-store) There is no guarantee they should provide same operations on model level, right? It is just user experience issue as one could expect same operations.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list