[
https://issues.apache.org/jira/browse/QPID-6364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keith Wall resolved QPID-6364.
------------------------------
Resolution: Fixed
Changes look reasonable to me.
> [Java Broker] Keystore data url must be a secure attribute
> ----------------------------------------------------------
>
> Key: QPID-6364
> URL: https://issues.apache.org/jira/browse/QPID-6364
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.31
> Reporter: Alex Rudyy
> Assignee: Keith Wall
> Fix For: 0.31
>
>
> The contents of the java keystore are private by its nature, whilst it is
> protected by password, we shouldn't return the contents over REST, as this
> would pose a security concern.
> Refactor the FileKeystoreImpl/UI so that the contents of the keystore can be
> marked as private.
> New attribute (marked as secure) that accepts both a path or dataurl.
> Path attribute to become derived, It will populated only if it contains a
> file path (if the object is being populated from a dataurl it will be null)
> Upgrader to take care of upgrading old stores with the path attribute
> Changes to the UI. UI to continue to allow an existing path to be
> modified.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
