You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2019/02/26 22:39:00 UTC

[jira] [Work logged] (KNOX-1793) DefaultKeystoreService should not validate the signing key on initialization

     [ https://issues.apache.org/jira/browse/KNOX-1793?focusedWorklogId=204820&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-204820 ]

ASF GitHub Bot logged work on KNOX-1793:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 26/Feb/19 22:38
            Start Date: 26/Feb/19 22:38
    Worklog Time Spent: 10m 
      Work Description: rlevas commented on pull request #61: KNOX-1793 - DefaultKeystoreService should not validate the signing key on initialization
URL: https://github.com/apache/knox/pull/61
 
 
   ## What changes were proposed in this pull request?
   
   Moved validation to `org.apache.knox.gateway.services.token.impl.DefaultTokenAuthorityService#start`.   
   
   Added call to `org.apache.knox.gateway.services.token.impl.DefaultTokenAuthorityService#start` in `org.apache.knox.gateway.services.DefaultGatewayServices#start`.
   
   Created message resource values in `org.apache.knox.gateway.GatewayResources` to help manage error messages. 
   
   Added new unit tests.
   
   
   ## How was this patch tested?
   
   Ran unit tested
   
   Tested the following scenarios:
   * Existing Default signing keystore (gateway.jks) and aliases
   * Existing Custom signing keystore and aliaes
   * Missing default signing keystore - keystore created on start
   * Invalid master key (negative test)
   * Missing custom signing keystore (negative test)
   * Existing custom signing keystore with invalid password (negative test)
   * Existing custom signing keystore with invalid key alias (negative test)
   * Existing custom signing keystore with invalid key password (negative test)
   
   Please review [Knox Contributing Process](https://cwiki.apache.org/confluence/display/KNOX/Contribution+Process#ContributionProcess-GithubWorkflow) before opening a pull request.
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 204820)
            Time Spent: 10m
    Remaining Estimate: 0h

> DefaultKeystoreService should not validate the signing key on initialization
> ----------------------------------------------------------------------------
>
>                 Key: KNOX-1793
>                 URL: https://issues.apache.org/jira/browse/KNOX-1793
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 1.3.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>            Priority: Major
>             Fix For: 1.3.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The {{org.apache.knox.gateway.services.security.impl.DefaultKeystoreService}} implementation should not validate the _signing_ key on initialization.  This should be a validation task for users of the signing key.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)