  1. OpenAM
  2. OPENAM-9910

OpenAMSettingsImpl.java should not decode storepass.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 14.0.0
    • Fix Version/s: 14.0.0
    • Component/s: security
    • Labels:

      Description

      OpenAMSettingsImpl.java attempts to decode the storepass. In AM 14, storepass is no longer encrypted with the instance password. This will cause OAuth2 RSA key signing to fail.

      The biggest issue with this class is the getServerKeyPair method - which duplicates existing functionality in AMKeyProvider.

      The method should be changed to use AMKeyProvider - as the logic can be centralized in one place. Even if we elect to change the storepass to be encrypted, it should be done in one place.
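
The failure mode described above, as an added example (not OpenAM code and not part of the original issue): a duplicated code path that still decodes a now-plaintext storepass cannot open the keystore, while a single provider that owns the password handling can. `legacyDecode`, `CentralKeyProvider`, the sample password and the AES key standing in for the RSA signing key are all assumptions made for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import javax.crypto.KeyGenerator;

public class StorepassDemo {
    // Hypothetical stand-in for "decrypt with the instance password".
    static char[] legacyDecode(String stored) {
        byte[] raw = Base64.getDecoder().decode(stored);
        for (int i = 0; i < raw.length; i++) raw[i] ^= 0x5A;
        return new String(raw, StandardCharsets.ISO_8859_1).toCharArray();
    }

    // Hypothetical single owner of storepass handling, the role the issue
    // assigns to AMKeyProvider. Callers never see or transform the password.
    static final class CentralKeyProvider {
        private final KeyStore ks = KeyStore.getInstance("PKCS12");
        private final char[] pass;
        CentralKeyProvider(byte[] keystore, String storedPass)
                throws GeneralSecurityException, IOException {
            pass = storedPass.toCharArray(); // plaintext storepass, used as-is
            ks.load(new ByteArrayInputStream(keystore), pass);
        }
        Key getKey(String alias) throws GeneralSecurityException {
            return ks.getKey(alias, pass);
        }
    }

    public static void main(String[] args) throws Exception {
        String storepass = "changeit"; // constructed sample, stored unencrypted
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        ks.setKeyEntry("demo", kg.generateKey(), storepass.toCharArray(), null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storepass.toCharArray());
        byte[] bytes = out.toByteArray();

        try { // duplicated path: decodes a value that is no longer encrypted
            KeyStore dup = KeyStore.getInstance("PKCS12");
            dup.load(new ByteArrayInputStream(bytes), legacyDecode(storepass));
            System.out.println("unexpected: keystore opened");
        } catch (IOException e) {
            System.out.println("decode-then-load failed: " + e.getMessage());
        }
        Key k = new CentralKeyProvider(bytes, storepass).getKey("demo");
        System.out.println("central provider loaded key: " + k.getAlgorithm());
    }
}
```

If storepass encryption is reintroduced later, only the constructor of the central provider changes and every caller keeps working.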

            People

            • Assignee:
              warren.strange@forgerock.com Warren Strange
              Reporter:
              warren.strange@forgerock.com Warren Strange
              QA Assignee:
              Filip Kubáň [X] (Inactive)