Rajani Karuturi created CLOUDSTACK-7242:
-------------------------------------------

             Summary: adding a Secure config using the new ConfigDepot and 
ConfigKey breaks the build when encryption is enabled
                 Key: CLOUDSTACK-7242
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7242
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Management Server
            Reporter: Rajani Karuturi
            Priority: Critical


In the inner layers, when it get the value of the key it tries to do decrypt if 
its a secure or hidden field. But, it doesn’t encrypt while adding the config.

Here is code snippet from ConfigurationVO

{noformat}

   @Override
    public String getValue() {
        return (("Hidden".equals(getCategory()) || 
"Secure".equals(getCategory())) ? DBEncryptionUtil.decrypt(value) : value);
    }

    public void setValue(String value) {
        this.value = value;
    }

{noformat}

we should make the getter and setter consistent. Otherwise, you won’t be able 
to introduce any new secure/hidden configs unless you put the encrypted value 
in the db before. 




--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to