Bootable Jar Wildfly26 Upgrade
116 views
Skip to first unread message
Nate
Mar 17, 2023, 1:56:47 PM3/17/23
to WildFly
My "installer" app, among other things, converts a standalone.xml that contains a bunch of vaulted passwords to one with credential store encrypted passwords. Then I supply the config directory the standalone.xml is in as an argument to the bootable jar like so:
$JAVACMD $JAVA_OPTS -jar myapp.jar --install-dir=wildfly -Djboss.server.config.dir=../config -Djboss.server.log.dir=log
My "installer" app converts a legacy vault into a credential store programmatically using code similar to what's in the Elytron Tool here: https://github.com/wildfly-security/wildfly-elytron/blob/2.0.0.Final/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java
After starting the "myapp.jar" none of the encrypted passwords in standalone.xml are resolved by the resolver.
I did not include code here because I verified the code works as expected if I run it after I have started the jar then restart wildfly within. I do not want to have to restart wildfly after starting the JAR everytime.
I get these two errors:
1). This error happens immediately upon configuring mail
("subsystem" => "mail"),
("mail-session" => "java:jboss/mail/ex")
]) - failure description: "WFLYELY01209: Unable to initialize CredentialStore excredstore -- WFLYELY00926: Unable to initialize the credential store."
2). This error happens sometime later and fails on the first system-property I have an encrypted string for, if I put plain text for this one it just fails on the next system-property.
2023-03-17 14:11:24,895 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("system-property" => "ex.trustStorePassword")]) - failure description: "WFLYELY01209: Unable to initialize CredentialStore excredstore -- WFLYELY00926: Unable to initialize the credential store."
$JAVACMD $JAVA_OPTS -jar myapp.jar --install-dir=wildfly -Djboss.server.config.dir=../config -Djboss.server.log.dir=log
My "installer" app converts a legacy vault into a credential store programmatically using code similar to what's in the Elytron Tool here: https://github.com/wildfly-security/wildfly-elytron/blob/2.0.0.Final/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java
After starting the "myapp.jar" none of the encrypted passwords in standalone.xml are resolved by the resolver.
I did not include code here because I verified the code works as expected if I run it after I have started the jar then restart wildfly within. I do not want to have to restart wildfly after starting the JAR everytime.
I get these two errors:
1). This error happens immediately upon configuring mail
("subsystem" => "mail"),
("mail-session" => "java:jboss/mail/ex")
]) - failure description: "WFLYELY01209: Unable to initialize CredentialStore excredstore -- WFLYELY00926: Unable to initialize the credential store."
2). This error happens sometime later and fails on the first system-property I have an encrypted string for, if I put plain text for this one it just fails on the next system-property.
2023-03-17 14:11:24,895 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("system-property" => "ex.trustStorePassword")]) - failure description: "WFLYELY01209: Unable to initialize CredentialStore excredstore -- WFLYELY00926: Unable to initialize the credential store."
Does this have something to do with the java.security provider not being persisted?
Jean Francois Denise
Mar 22, 2023, 6:53:19 PM3/22/23
to wil...@googlegroups.com
Hi,
you ran into a Bootable JAR bug. I managed to reproduce a similar issue but with a different error message. The bug is that the security providers are not registered before elytron is initialized (something that is done in pure WildFly).
This explains why it works when you do it once the server is
started.
I logged: https://issues.redhat.com/browse/WFCORE-6270
You could try the fix by rebuilding this PR branch: https://github.com/wildfly/wildfly-core/pull/5418 and rebuild wildfly 28 SNAPSHOT (https://github.com/wildfly/wildfly) with -Dversion.org.wildfly.core=20.0.0.Beta8-SNAPSHOT
Thank-you.
JF
--
You received this message because you are subscribed to the Google Groups "WildFly" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wildfly+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wildfly/91b0e54b-00e9-46d6-a5c6-d1ff61d6a2f2n%40googlegroups.com.
Nate
Mar 23, 2023, 7:09:42 AM3/23/23
to WildFly
Thank you.
Reply all
Reply to author
Forward
0 new messages