Make a doc, and tell user not putting non-keystore files in that folder, might be an option :)
Forrest On Wed, Oct 12, 2011 at 6:16 PM, viola lu <[email protected]> wrote: > Hi, Dev: > > Currently in geronimo 2.1.*, if i run keytool in jdk to generate csr or > other non-keystore files under var/security/keystores, geronimo server will > persist them in j2ee-security module when i access keystore porlet in admin > console, which scans all files under this folder and instance > FileKeystoreInstance GBean no matter what type of file. > If so, even user create an empty file of any type, it will be written to > config.xml. We have to filter files, only keystore files should be under > that folder. > > I plan to filter files under var/security/keystore through file name > postfix, for example: *, *.jks, *.pcks, but is there other way to valid > content of keystore? From keystore api in jdk, it must provide a password > before load and access it, which we don't know except the user who generate > it. > > Any suggestion? > > -- > viola > > Apache Geronimo > >
