JBoss is not able to fetch the password added to vault without restarting the server.
Issue
- Getting the following exception when jboss try to fetch the password added to vault without restarting the server :
Caused by: java.lang.IllegalArgumentException: Null input buffer
at javax.crypto.Cipher.doFinal(DashoA13*..) [jce.jar:1.6]
at org.picketbox.util.EncryptionUtil.decrypt(EncryptionUtil.java:134) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]
at org.picketbox.plugins.vault.PicketBoxSecurityVault.retrieve(PicketBoxSecurityVault.java:275) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]
... 34 more
- Getting
java.lang.SecurityException JBAS013311 Security Exceptionwhen vault is used. - Is reload of server required when value masked with
vaultis used inJBoss EAP 6? - Datasources taking vault configuration has been problematic.
- Encrypting Values for System Properties. I attempted to follow the instructions from
https://access.redhat.com/solutions/348193However, after adding the password to the vaultJBoss EAP 6.4.1throws an error :
"outcome" => "failed",
"failure-description" => "JBAS014749: Operation handler failed: java.lang.SecurityException: JBAS013311: Security Exception",
"rolled-back" => true
- Are the password refreshed without stopping the instances?
- How should we proceed when we have instances of a cluster in standalone mode to update a password without impacting?
- How should we proceed when we have instances of a cluster in domain mode to update a password without impacting? will domain controller update vault store in all instances?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.2.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
