qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-6364) [Java Broker] Keystore data url must be a secure attribute
Date Mon, 09 Feb 2015 16:36:34 GMT

    [ https://issues.apache.org/jira/browse/QPID-6364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14312426#comment-14312426

ASF subversion and git services commented on QPID-6364:

Commit 1658453 from orudyy@apache.org in branch 'qpid/trunk'
[ https://svn.apache.org/r1658453 ]

QPID-6364: Set Keystore/Truststore derived attribute 'path' to non-data URL. Change the upgrader
to upgrade only FileKeyStore and FileTrustStore

> [Java Broker] Keystore data url must be a secure attribute
> ----------------------------------------------------------
>                 Key: QPID-6364
>                 URL: https://issues.apache.org/jira/browse/QPID-6364
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Broker
>            Reporter: Alex Rudyy
>            Assignee: Keith Wall
>             Fix For: 0.31
> The contents of the java keystore are private by its nature, whilst it is protected by
password, we shouldn't return the contents over REST, as this would pose a security concern.
> Refactor the FileKeystoreImpl/UI so that the contents of the keystore can be marked as
>     New attribute (marked as secure) that accepts both a path or dataurl.
>     Path attribute to become derived, It will populated only if it contains a file path
(if the object is being populated from a dataurl it will be null)
>     Upgrader to take care of upgrading old stores with the path attribute
>     Changes to the UI. UI to continue to allow an existing path to be modified.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message