[jboss-jira] [JBoss JIRA] (ELY-1608) Keystores do not expose same operation

Martin Choma (JIRA) issues at jboss.org
Thu Jul 12 08:21:00 EDT 2018 

     [ https://issues.jboss.org/browse/ELY-1608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma updated ELY-1608:
------------------------------
    Need Info from: Darran Lofthouse, Farah Juma


> Keystores do not expose same operation
> --------------------------------------
>
>                 Key: ELY-1608
>                 URL: https://issues.jboss.org/browse/ELY-1608
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: KeyStores
>    Affects Versions: 1.4.0.Final
>            Reporter: Martin Choma
>
> This JIRA is in this stage for discussion purposed.
> In context of https://issues.jboss.org/browse/PRODMGT-1907 I have compared operations of resources providing same capability in elytron subsystem.
> I want to discuss.
> * {code}
> diff key-store.operations ldap-key-store.operations 
> 5,9d4
> <         "change-alias",
> <         "export-certificate",
> <         "generate-certificate-signing-request",
> <         "generate-key-pair",
> <         "import-certificate",
> 14d8
> <         "load",
> 34d27
> <         "store",
> {code}
> load() was introduced by EAP7-455
> rest of operations were introduced by EAP7-650
> Now question is if these operations (load() is already covered by PRODMGT-1907) shouldn be also in `ldap-key-store`.
> * filtering-key-store
> should it also contain extended operations or it is enough only underlying key-store has them
> * Keystore capability org.wildfly.security.key-store is referenced in filtering-key-store, key-manager, trust-manager, keystore-realm, token-realm . Is it necessary to propagate load operation also to these resources.
> key-manager has init() operation. trust-manager does not have such operation but went through EAP7-455 so is probably ok. filtering-key-store probably does not "cache" keystore but request underlying keystore. What about keystore-realm, token-realm ? 
> * Although same resources "provide" same capability (org.wildfly.security.key-store) There is no guarantee they should provide same operations on model level, right? It is just user experience issue as one could expect same operations.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list