Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ELY-1460] External CS, PKCS11 can't be configured with externalPath #1135

Closed
wants to merge 1 commit into from
Closed

[ELY-1460] External CS, PKCS11 can't be configured with externalPath #1135

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions src/main/java/org/wildfly/security/_private/ElytronMessages.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1828,6 +1828,9 @@ public interface ElytronMessages extends BasicLogger {
@Message(id = 9527, value = "Invalid credential store reference")
ConfigXMLParseException xmlInvalidCredentialStoreRef(@Param Location location);

@Message(id = 9528, value = "The externalPath attribute for key store type %s is missing.")
CredentialStoreException externalPathMissing(String keyStoreType);


/* X.500 exceptions */

Expand Down
5 changes: 2 additions & 3 deletions src/main/java/org/wildfly/security/credential/store/impl/KeyStoreCredentialStore.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@
* <li>{@code keyStoreType}: specifies the key store type to use (defaults to {@link KeyStore#getDefaultType()})</li>
* <li>{@code keyAlias}: specifies the secret key alias within the key store to use for encrypt/decrypt of data in external storage (defaults to {@code cs_key})</li>
* <li>{@code external}: specifies whether to store data to external storage and encrypted by {@code keyAlias} key (defaults to {@code false})</li>
* <li>{@code externalPath}: specifies path to the external storage. It has to be used in conjunction with {@code external=true} and it defaults to value of {@code location} when {@code keyStoreType} is PKCS11.</li>
* <li>{@code externalPath}: specifies path to the external storage. It has to be used in conjunction with {@code external=true}</li>
* <li>{@code cryptoAlg}: cryptographic algorithm name to be used to encrypt decrypt entries at external storage ({@code external} has to be set to {@code true})</li>
* </ul>
*/
Expand Down Expand Up @@ -200,8 +200,7 @@ public void initialize(final Map<String, String> attributes, final CredentialSto
if (useExternalStorage) {
final String externalPathName = attributes.get(EXTERNALPATH);
if (externalPathName == null) {
externalPath = location;
location = null;
throw log.externalPathMissing(keyStoreType);
} else {
externalPath = Paths.get(externalPathName);
if (externalPath.equals(location)) {
Expand Down