Wildfly 26.0.1.Final - datasource init with cli trouble
210 views
Skip to first unread message
Kean De Souza
Nov 22, 2022, 9:02:34 AM11/22/22
to WildFly
Hello guys,
I use CLI to init my standalone.xml , datasource etc with properties file.
embed-server --std-out=echo --server-config=standalone.xml
set jdbcUrl=${jdbcUrl}
set username=${username}
set password=${password}
set driver=${driver}
set module=${module}
set jndiname=${jndiname}
set name=${name}
set resourcePath=${resource}
set classname=${classname}
echo "Create KeyStore Credential Store in data folder"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add(modifiable=true,path="appKeyStoreCredentialStore.jceks", relative-to=jboss.server.data.dir, credential-reference={clear-text=appDbmanager}, create=true)
echo "Add password in credential store"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=${password})
It can contains password with some special characters.
Password is well define, i checked the command.
I add quote to check but it doesnt work.
I use CLI to init my standalone.xml , datasource etc with properties file.
embed-server --std-out=echo --server-config=standalone.xml
set jdbcUrl=${jdbcUrl}
set username=${username}
set password=${password}
set driver=${driver}
set module=${module}
set jndiname=${jndiname}
set name=${name}
set resourcePath=${resource}
set classname=${classname}
echo "Create KeyStore Credential Store in data folder"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add(modifiable=true,path="appKeyStoreCredentialStore.jceks", relative-to=jboss.server.data.dir, credential-reference={clear-text=appDbmanager}, create=true)
echo "Add password in credential store"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=${password})
My jboss-cli.xml enables parameters to be replace :
...
<resolve-parameter-values>true</resolve-parameter-values>
......
<resolve-parameter-values>true</resolve-parameter-values>
It can contains password with some special characters.
Password is well define, i checked the command.
I add quote to check but it doesnt work.
Unfortunately, my app cannot launch because the password is wrong.
Somebody may have an idea of what happening about it ?
Thank you !
Thank you !
Kean De Souza
Nov 22, 2022, 9:53:55 AM11/22/22
to WildFly
Note that i use this kind of password (for test)
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=Z$ANS84oL*&5)
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=Z$ANS84oL*&5)
Jean Francois Denise
Nov 23, 2022, 11:46:34 AM11/23/22
to wil...@googlegroups.com
Hi,
I gave a try, set the properties
password=Z$ANS84oL*&5 in cli.properties file.
Run your commands, then look into the
keystore for the alias
"appdbpasswordalias/passwordcredential/clear/" to read the value.
The encoded value seems correct, an ASN1 string containing the
correct value.
the CLI doesn't seem to change the
value.
Did you try and succeeded with a
password not containing special character such as "changeme"?
JF
--
You received this message because you are subscribed to the Google Groups "WildFly" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wildfly+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wildfly/3f6104f6-125a-46b0-b199-0d9fb1534412n%40googlegroups.com.
Kean De Souza
Nov 24, 2022, 8:55:10 AM11/24/22
to WildFly
Yes, i succeeded with a password without special character
Jean Francois Denise
Nov 24, 2022, 9:14:29 AM11/24/22
to wil...@googlegroups.com
Hi,
thank-you.
The password "Z$ANS84oL*&5" created
an issue?
If you have exact random passwords that
created the issue, that would help. Another thing to try is to
directly add the password in the command attribute
secret-value="xxxx" (make sure to quote it) and report if you got
the problem.
Thank-you.
To view this discussion on the web visit https://groups.google.com/d/msgid/wildfly/02bf6bd4-7e88-417b-a177-9ba96b57fec8n%40googlegroups.com.
Kean De Souza
Nov 24, 2022, 11:00:32 AM11/24/22
to WildFly
Hello JF,
Thank you for your time, really
Thank you for your time, really
Yes it seems so
I tried with this password also kj8217&*NuVg
And this one kj8217*NuVg and it worked !
So it seems that the caracter & is problematic in a password
Kean De Souza
Dec 5, 2022, 5:06:21 AM12/5/22
to WildFly
Hello guys,
So just an update about this trouble.
I use a batch to call jboss-cli.bat, and a script .cli to initialise my standalone.xml and a property files.
Everything is correct in my properties files (even password with double quotes on it to avoid interperetation with batch)
Here the commande i used :
____________________
set NOPAUSE=true
REM Launch JBOSS CLI to change standalone.xml
set CLI_SCRIPTS="%installPath%\cliScripts"
@echo off
REM create admin user, mandatory for CLI & Security Management
call "%JBOSS_HOME%\bin\add-user.bat" -u appAdmin -p "appadmin"
@echo on
REM create standalone
call "%JBOSS_HOME%\bin\jboss-cli.bat" --properties=%cliPropertiesFile% --file="%CLI_SCRIPTS%\first_install_standalone.cli"
REM create log handler
call "%JBOSS_HOME%\bin\jboss-cli.bat" --properties=%cliPropertiesFile% --file="%CLI_SCRIPTS%\change_log_level.cli"
echo "Add password in credential store"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=${password})
So with elytron-tool.bat, some special caracteres may have some trouble in credential store
Prefer to use wildfly cli and avoid to use theses specials within a script .bat and call jboss-cli.bat earlier : ! and ^ and & and \
Theses caracteres works when i have an interaction directly with jboss-cli.bat with embed server connection
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value= " #a$%()*+-./:;?b[]{}_~&,=><\|!&\c^")
Thank a lot to JF for the time.
So just an update about this trouble.
I use a batch to call jboss-cli.bat, and a script .cli to initialise my standalone.xml and a property files.
Everything is correct in my properties files (even password with double quotes on it to avoid interperetation with batch)
Here the commande i used :
____________________
set NOPAUSE=true
REM Launch JBOSS CLI to change standalone.xml
set CLI_SCRIPTS="%installPath%\cliScripts"
@echo off
REM create admin user, mandatory for CLI & Security Management
call "%JBOSS_HOME%\bin\add-user.bat" -u appAdmin -p "appadmin"
@echo on
REM create standalone
call "%JBOSS_HOME%\bin\jboss-cli.bat" --properties=%cliPropertiesFile% --file="%CLI_SCRIPTS%\first_install_standalone.cli"
REM create log handler
call "%JBOSS_HOME%\bin\jboss-cli.bat" --properties=%cliPropertiesFile% --file="%CLI_SCRIPTS%\change_log_level.cli"
----------------------------
echo "Create KeyStore Credential Store in data folder"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add(modifiable=true,path="appKeyStoreCredentialStore.jceks",
relative-to=jboss.server.data.dir,
credential-reference={clear-text=appadmin}, create=true)
echo "Add password in credential store"
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value=${password})
So with elytron-tool.bat, some special caracteres may have some trouble in credential store
Prefer to use wildfly cli and avoid to use theses specials within a script .bat and call jboss-cli.bat earlier : ! and ^ and & and \
Theses caracteres works when i have an interaction directly with jboss-cli.bat with embed server connection
/subsystem=elytron/credential-store=appKeyStoreCredentialStore:add-alias(alias=appDbPasswordAlias, secret-value= " #a$%()*+-./:;?b[]{}_~&,=><\|!&\c^")
Thank a lot to JF for the time.
Reply all
Reply to author
Forward
0 new messages