Alex Rudyy created QPID-6364:
--------------------------------
Summary: [Java Broker] Keystore data url must be a secure attribute
Key: QPID-6364
URL: https://issues.apache.org/jira/browse/QPID-6364
Project: Qpid
Issue Type: Bug
Components: Java Broker
Reporter: Alex Rudyy
Assignee: Alex Rudyy
Fix For: 0.31
The contents of the java keystore are private by its nature, whilst it is
protected by password, we shouldn't return the contents over REST, as this
would pose a security concern.
Refactor the FileKeystoreImpl/UI so that the contents of the keystore can be
marked as private.
New attribute (marked as secure) that accepts both a path or dataurl.
Path attribute to become derived, It will populated only if it contains a
file path (if the object is being populated from a dataurl it will be null)
Upgrader to take care of upgrading old stores with the path attribute
Changes to the UI. UI to continue to allow an existing path to be modified.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
