geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Forrest Xia <>
Subject Re: Keystore files filter problem under var/security/keystores
Date Wed, 12 Oct 2011 16:22:14 GMT
Make a doc, and tell user not putting non-keystore files in that folder,
might be an option :)


On Wed, Oct 12, 2011 at 6:16 PM, viola lu <> wrote:

> Hi, Dev:
>  Currently in geronimo 2.1.*, if i run keytool in jdk to generate csr or
> other non-keystore files under var/security/keystores, geronimo server will
> persist them in j2ee-security module when i access keystore porlet in admin
> console, which scans all files under this folder and instance
> FileKeystoreInstance GBean no matter what type of file.
> If so, even user create an empty file of any type, it will be written to
> config.xml. We have to filter files, only keystore files should be under
> that folder.
> I plan to filter files under var/security/keystore through file name
> postfix, for example: *, *.jks, *.pcks, but is there other way to valid
> content of keystore? From keystore api in jdk, it must provide a password
> before load and access it, which we don't know except the user who generate
> it.
> Any suggestion?
> --
> viola
> Apache Geronimo

View raw message