[LPS-72592] SAML KeyStoreManager OSGi @Reference must be greedy to reference always the latest version to avoid read/write to random stores - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 7.0.X EE
Fix Version/s: 7.0.X EE, 7.0.X
Component/s: Application Security > SAML
Labels:
- QA-NA
- liferay-saml-2.0-provider-3.1.0

Branch Version/s:

7.0.x
Backported to Branch:

Committed
Fix Priority:
5
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal-ee/pull/17078

Description

SAML certificates are read and written to different locations (DL vs FileSystem).

Currently there are two implementations,

@Component(
 configurationPid = "com.liferay.saml.runtime.configuration.SamlConfiguration",
 immediate = true, service = KeyStoreManager.class
)
public class FileSystemKeyStoreManagerImpl extends BaseKeyStoreManagerImpl \{

 

@Component(
 configurationPid = "com.liferay.saml.runtime.configuration.SamlConfiguration",
 immediate = true, property = {"service.ranking:Integer=-1"},
 service = KeyStoreManager.class
)
public class DLKeyStoreManagerImpl extends BaseKeyStoreManagerImpl \{

But having

	@Reference()
	private KeyStoreManager _keyStoreManager;

is policyOption = ReferencePolicyOption.RELUCTANT by default, which means it will hold reference to the highest service ranking at that time but won't change if another service is registered after the field is initialized, regardless of the new service's service.ranking

Cannot be easily tested due to random nature of components initialization order.

Attachments

Activity

People

Assignee:: id30721

Reporter:: Tomáš Polešovský

Participants of an Issue:: Amos Fong, Carlos Sierra, id30721, Tomáš Polešovský

Recent user:: Brian Wulbern

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/May/17 6:56 AM

Updated:: 14/Mar/18 1:01 AM

Resolved:: 07/Sep/17 1:52 AM

Days since last comment:: 3 years, 25 weeks, 4 days ago

Packages

Version	Package
7.0.X EE
7.0.X