Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.DR16
Affects Version/s: 7.1.0.DR12
Component/s: Security
Labels:

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Release Note Status:
Not Required
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Links:

It's not possible to add an entry with empty secret-value into a credential store.

Masking the fact the password is empty is a valid scenario.

[standalone@localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add()
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0155: 'secret-value' may not be null",
    "rolled-back" => true
}
[standalone@localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add(secret-value="")
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0113: '' is an invalid value for parameter secret-value. Values must have a minimum length of 1 characters",
    "rolled-back" => true
}

Unignore tests
When this issue is fixed, unignore (and fix if needed) related tests in testsuite/elytron/src/test/java/org/wildfly/test/integration/elytron/application/. Thanks.

git grep WFLY-8143

blocks

JBEAP-8571 CredentialStore issues

Resolved

is cloned by

WFCORE-2455 Empty secret-value is not allowed in credential stores

Resolved

is incorporated by

JBEAP-9571 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta13

Verified

Assignee:: Emmanuel Hugonnet

Reporter:: Josef Cacek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2017/02/16 10:58 AM

Updated:: 2020/09/14 5:31 AM

Resolved:: 2017/03/24 5:01 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates