Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-9069

[Fuse 7] Undertow unable to externalize strings containing password

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Done
    • Affects Version/s: fuse-7.0
    • Fix Version/s: fuse-7.1
    • Component/s: Karaf, Undertow
    • Labels:
      None
    • Workaround Description:
      Hide

      Set these properties in etc/custom.properties or etc/config.properties - these are available as new BundleContextPropertyResolver(bundleContext)

      but these are still unencrypted !!

      Show
      Set these properties in etc/custom.properties or etc/config.properties - these are available as new BundleContextPropertyResolver(bundleContext) but these are still unencrypted !!
    • Sprint:
      Fuse 7.1 Sprint 31, Fuse 7.1 Sprint 32

      Description

      Externalizing those parameters it doesn't works

          <security-realm name="https">
              <w:server-identities>
                  <w:ssl>
                      <w:engine enabled-protocols="TLSv1 TLSv1.1 TLSv1.2" />
                      <w:keystore path="${karaf.etc}/certs/server.keystore" provider="JKS" alias="server"
                              keystore-password="${org.osgi.service.http.keystore.password}" key-password="${org.osgi.service.http.key-password}"
                              generate-self-signed-certificate-host="localhost" />
                  </w:ssl>
              </w:server-identities>
              <w:authentication>
                  <w:truststore path="${karaf.etc}/certs/server.truststore" provider="JKS" keystore-password="${org.osgi.service.http.truststore.password}" />
              </w:authentication>
          </security-realm>
      

      org.ops4j.pax.web.cfg :

      org.osgi.service.http.truststore.password=secret
      org.osgi.service.http.key-password=secret
      org.osgi.service.http.keystore.password=secret
      

      Some improvements should be done here:
      https://github.com/ops4j/org.ops4j.pax.web/blob/master/pax-web-undertow/src/main/java/org/ops4j/pax/web/service/undertow/internal/ServerControllerImpl.java#L386-L388

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  grgrzybek Grzegorz Grzybek
                  Reporter:
                  rhn-support-aboucham Abel BOUCHAMA
                  Tester:
                  Vratislav Hais
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: