Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-762

Bug in JBossJSSESecurityDomain.java - attempting to use wrong provider

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: PicketBox_4_0_19.Final
    • Fix Version/s: None
    • Component/s: JBossSX
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      Steps to Reproduce:
      Setup a security-domain that defines a JSSE keystore/truststore:

      <!-- keystore works
      <jsse keystore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore"
      keystore-password="123456"
      key-manager-factory-algorithm="SunX509"
      key-manager-factory-provider="SunJSSE"/>
      -->

      <!-- truststore configured the same way fails -->
      <jsse truststore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore"
      truststore-password="123456"
      trust-manager-factory-algorithm="SunX509"
      trust-manager-factory-provider="SunJSSE"/>

      Show
      Steps to Reproduce: Setup a security-domain that defines a JSSE keystore/truststore: <!-- keystore works <jsse keystore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore" keystore-password="123456" key-manager-factory-algorithm="SunX509" key-manager-factory-provider="SunJSSE"/> --> <!-- truststore configured the same way fails --> <jsse truststore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore" truststore-password="123456" trust-manager-factory-algorithm="SunX509" trust-manager-factory-provider="SunJSSE"/>
    • Bugzilla Update:
      Perform

      Description

      There is a bug in JBossJSSESecurityDomain.java where it attempts to use the keystore/truststore provider to get instances of the trust manager.

      The code reads:
      if (trustManagerFactoryProvider != null)
      trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustStoreProvider);
      else
      trustManagerFactory = TrustManagerFactory.getInstance(algorithm);

      I think it should read:
      if (trustManagerFactoryProvider != null)
      trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustManagerFactoryProvider);
      else
      trustManagerFactory = TrustManagerFactory.getInstance(algorithm);

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                anil.saldhana Anil Saldanha
                Reporter:
                dehort Derek Horton
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: