Bug 1056799 - [GSS] (6.3.0) JBMETA-371: DefaultPropertyReplacer + PropertyResolver is broken for vault expressions
Summary: [GSS] (6.3.0) JBMETA-371: DefaultPropertyReplacer + PropertyResolver is broke...
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: EE
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: DR2
: EAP 6.3.0
Assignee: David M. Lloyd
QA Contact:
Depends On: 1066365
Blocks: 1058959 1058961
TreeView+ depends on / blocked
Reported: 2014-01-22 23:10 UTC by Chris Dolphy
Modified: 2018-12-06 15:43 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
In previous versions of JBoss EAP 6, the expression resolving logic in the `DefaultPropertyReplacer` and `PropertyResolver` classes (used for parsing deployment descriptor files) assumed that the expression content between `"${"` and `"}"` was of a fixed format where any `":"` char in the expression represented a separator between a system property name and a default value. This meant that security vault expressions in deployment descriptors could not be successfully parsed, as `":"` is always used in those expressions and not as a separator preceding a default value. Vault expressions would be evaluated incorrectly with the expression content following the first `":"` being treated as the resolved value. In this versions of the product, when the end of an expression is detected, before returning the expression contents following the first `":"` as the resolved value, the resolver first checks whether the entire expression can be resolved. Security vault expressions can now be used in deployment descriptor files where expressions are allowed in general.
Clone Of:
: 1058959 1060260 (view as bug list)
Last Closed: 2014-06-28 15:30:02 UTC
Type: Bug

Attachments (Terms of Use)
source for test war (4.61 KB, application/x-compressed-tar)
2014-01-22 23:10 UTC, Chris Dolphy
no flags Details

System ID Priority Status Summary Last Updated
Red Hat One Jira Issue Tracker JBMETA-371 Major Resolved DefaultPropertyReplacer + PropertyResolver is broken for vault expressions 2015-07-02 19:04:45 UTC

Description Chris Dolphy 2014-01-22 23:10:42 UTC
Created attachment 854107 [details]
source for test war

Description of problem:
After enabling property replacement with spec-descriptor-property-replacement, the property replacement fails.  

Version-Release number of selected component (if applicable):
EAP 6.2

How reproducible:
With test case.

Steps to Reproduce:
1. Create vault with test::queue property:

mkdir standalone/configuration/vault

keytool -genseckey -alias vault -storetype jceks -keyalg AES -keysize 128 -storepass password -keypass password -keystore standalone/configuration/vault/vault.keystore

bin/vault.sh -k standalone/configuration/vault/vault.keystore -p password -s saltsalt -v vault -i 44 -e standalone/configuration/vault/ -b test -a queue -x /queue/HELLOWORLDMDBQueue

2. modify standalone-full.xml, adding the results of vault.sh 
3. modify standalone-full.xml, setting spec-descriptor-property-replacement to true

4. build and deploy sample war with mdb (based on helloworld-mdb quickstart)

Actual results:

Could log messages complaining that it can't find the queue:
17:00:22,108 INFO  [org.hornetq.ra] (default-threads - 2) HQ151000: awaiting topic/queue creation :test::queue::1
17:00:24,109 INFO  [org.hornetq.ra] (default-threads - 2) HQ151001: Attempting to reconnect org.hornetq.ra.inflow.HornetQActivationSpec(ra=org.hornetq.ra.HornetQResourceAdapter@371c02e5 destination=:test::queue::1 destinationType=javax.jms.Queue ack=Auto-acknowledge durable=false clientID=null user=null maxSession=15)

Expected results:
Successful mdb deploy.

Additional info:
Vault properties were intended to work because there is a VaultPropertyResolver registered.  However, the property resolving fails because it always is passed "VAULT" as the property name.  DefaultPropertyReplacer is terminating parsing at the ":" because it is looking for a default value to use if the property lookup fails.

Comment 1 JBoss JIRA Server 2014-01-24 22:32:05 UTC
Brian Stansberry <brian.stansberry@redhat.com> updated the status of jira JBMETA-371 to Resolved

Comment 3 Nichola Moore 2014-05-02 04:18:19 UTC
Please can someone provide some Doc Text. Thanks.

Comment 4 Jan Martiska 2014-05-05 11:05:23 UTC
Verified in EAP 6.3.0.ER3.

Note You need to log in before you can comment on or make changes to this bug.