Bug 960820

Summary: Recursive expression resolution
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: jooho lee <jlee>
Component: Domain ManagementAssignee: Brian Stansberry <brian.stansberry>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.0.1CC: brian.stansberry, jsightle, msimka
Target Milestone: ER1   
Target Release: EAP 6.2.0   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Expressions contained in the output of other expressions were not being resolved. This meant that it was not possible to use expressions in configuration to refer to other expressions, such as one that referred to a vault expression. This occurred because the output of expression resolution was not checked for the existence of further expressions to resolve. Expression resolution is now recursive. When an expression is resolved, a check is made for any further expressions to resolve in the output. This continues until no further expressions are found. Expressions can now be used to refer to other expressions in configuration.
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-15 16:21:37 UTC Type: Feature Request
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description jooho lee 2013-05-08 05:00:21 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 jooho lee 2013-05-08 05:24:58 UTC
Sorry 

Description of problem:
A properties file could be loaded with -P option when EAP is starting. 
Short value is loading well but long value is not loaded fully. From 53th character, it is not loaded. In other words, rest of the value after 53th string are ignored.

Version-Release number of selected component (if applicable):
EAP 6.0.1, 6.1Alpha

How reproducible:
This way is just for test.

Steps to Reproduce:
0. Set up postgresql datasource in standalone.xml

You can use my environment :
 <datasource jndi-name="java:jboss/PostgresDS" pool-name="PostgresDS" enabled="true">
                    <connection-url>jdbc:postgresql://10.64.165.175:5432/postgres</connection-url>
                    <driver>postgresql</driver>
                    <security>
                        <user-name>postgres</user-name>
                        <password>postgres</password>
                    </security>
                    <validation>
                        <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker"/>
                        <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter"/>
                    </validation>
                </datasource>
                <drivers>
                     <driver name="postgresql" module="org.postgresql">
                        <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
                    </driver>
                </drivers>


(Note) You can test it with dstest.war 
      JNDI Name of Datasource: java:jboss/PostgresDS
      Table Name to Query (optional): jbtravel.user

1.Create db.properties
postgre.user=${VAULT::postgreDS_PW::password::ZGYwMmRmYTEtNzRjMS00M2JlLWFjNzEtZmIxMTU0ZTcxMjNlTElORV9CUkVBS3ZhdWx0}

2.Change standalon.xml 
<security>
   <user-name>${postgre.user:1111}</user-name>
   <password>postgres</password>
</security>
                   

3.test it with dstest.war for test.
 http://localhost:8080/dstest/
JNDI Name of Datasource: java:jboss/PostgresDS
Table Name to Query (optional): jbtravel.user
  

Actual results:
....
 Caused by: org.postgresql.util.PSQLException: FATAL: password authentication failed for user "${VAULT::postgreDB_PW::password::OGVjNWQ5N2QtODcwZC00MmE0LThlZW"
.....

Expected results:
Caused by: org.postgresql.util.PSQLException: FATAL: password authentication failed for user 
${VAULT::postgreDS_PW::password::ZGYwMmRmYTEtNzRjMS00M2JlLWFjNzEtZmIxMTU0ZTcxMjNlTElORV9CUkVBS3ZhdWx0}

Additional info:
Test Environment.
Postgresql ip :10.64.165.175:5432
ID : postgre
PW : postrgre

Comment 2 jooho lee 2013-05-08 05:26:10 UTC
Created attachment 745040 [details]
Data Source Test War

Comment 3 jooho lee 2013-06-05 00:16:13 UTC
I tested it again and found out the real property value is loaded properly.

However, if the value contains nested expression, EAP do not change it to plain text before passing it to database. Hence, EAP just pass nested expression "${VAULT::postgreDS_PW::password::ZGYwMmRmYTEtNzRjMS00M2JlLWFjNzEtZmIxMTU0ZTcxMjNlTElORV9CUkVBS3ZhdWx0}" as a real value.

Therefore, I should think this case title should be changed to "Do not support nested expression in Database password using -P option."

Thanks,
Jooho Lee, Jay.

Comment 4 Brian Stansberry 2013-06-05 13:40:58 UTC
I changed the issue title and made this a Feature Request. This is basically a request for a port of WFLY-117 to EAP 6.

Comment 5 Brian Stansberry 2013-06-05 13:41:36 UTC
WFLY-1177, not WFLY-117.

Comment 6 Jesse Sightler 2013-06-17 02:23:07 UTC
Sent pull request here:
https://github.com/jbossas/jboss-eap/pull/180

Comment 8 Martin Simka 2013-09-23 09:55:08 UTC
verified on EAP 6.2.0.ER1