You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Vilius Šumskas <vi...@rivile.lt> on 2022/03/21 13:35:58 UTC
encoding passwords for JMS created accounts in Artemis
Hello,
we are using JMS commands in our code to dynamically create Artemis users as needed. This works fine, however I noticed that passwords for these users are not hashed or masked in artemis-users.properties file. Passwords of the users which were created via CLI are masked fine.
Is there a way to use some kind of hashing or should we look at completely different SecurityManager provider for production purposes?
We are using Artemis 2.20 with the default org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule in the configuration.
--
Best Regards,
Vilius Šumskas
Rivile
IT manager
+370 614 75713
RE: encoding passwords for JMS created accounts in Artemis
Posted by Vilius Šumskas <vi...@rivile.lt>.
Oh snap, I haven't noticed that parameter.
Thank you!
--
Vilius
-----Original Message-----
From: Justin Bertram <jb...@apache.org>
Sent: Monday, March 21, 2022 11:00 PM
To: users@activemq.apache.org
Subject: Re: encoding passwords for JMS created accounts in Artemis
The addUser method has a Boolean parameter that indicates whether or not to hash the password.
Justin
On Mon, Mar 21, 2022, 10:13 AM Vilius Šumskas <vi...@rivile.lt>
wrote:
> I mean using activemq.management queue via
> org.apache.activemq.artemis.api.jms.management.JMSManagementHelper.
>
> Specifically using JMSManagementHelper.putOperationInvocation() with
> "addUser" operation command.
>
> --
> Vilius
>
> -----Original Message-----
> From: Justin Bertram <jb...@apache.org>
> Sent: Monday, March 21, 2022 4:50 PM
> To: users@activemq.apache.org
> Subject: Re: encoding passwords for JMS created accounts in Artemis
>
> What do you mean by "JMS commands"?
>
>
> Justin
>
> On Mon, Mar 21, 2022 at 8:36 AM Vilius Šumskas
> <vi...@rivile.lt>
> wrote:
>
> > Hello,
> >
> > we are using JMS commands in our code to dynamically create Artemis
> > users as needed. This works fine, however I noticed that passwords
> > for these users are not hashed or masked in artemis-users.properties file.
> > Passwords of the users which were created via CLI are masked fine.
> >
> > Is there a way to use some kind of hashing or should we look at
> > completely different SecurityManager provider for production purposes?
> >
> > We are using Artemis 2.20 with the default
> > org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginMo
> > du
> > le in the configuration.
> >
> > --
> > Best Regards,
> >
> > Vilius Šumskas
> > Rivile
> > IT manager
> > +370 614 75713
> >
> >
>
Re: encoding passwords for JMS created accounts in Artemis
Posted by Justin Bertram <jb...@apache.org>.
The addUser method has a Boolean parameter that indicates whether or not to
hash the password.
Justin
On Mon, Mar 21, 2022, 10:13 AM Vilius Šumskas <vi...@rivile.lt>
wrote:
> I mean using activemq.management queue via
> org.apache.activemq.artemis.api.jms.management.JMSManagementHelper.
>
> Specifically using JMSManagementHelper.putOperationInvocation() with
> "addUser" operation command.
>
> --
> Vilius
>
> -----Original Message-----
> From: Justin Bertram <jb...@apache.org>
> Sent: Monday, March 21, 2022 4:50 PM
> To: users@activemq.apache.org
> Subject: Re: encoding passwords for JMS created accounts in Artemis
>
> What do you mean by "JMS commands"?
>
>
> Justin
>
> On Mon, Mar 21, 2022 at 8:36 AM Vilius Šumskas <vi...@rivile.lt>
> wrote:
>
> > Hello,
> >
> > we are using JMS commands in our code to dynamically create Artemis
> > users as needed. This works fine, however I noticed that passwords for
> > these users are not hashed or masked in artemis-users.properties file.
> > Passwords of the users which were created via CLI are masked fine.
> >
> > Is there a way to use some kind of hashing or should we look at
> > completely different SecurityManager provider for production purposes?
> >
> > We are using Artemis 2.20 with the default
> > org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModu
> > le in the configuration.
> >
> > --
> > Best Regards,
> >
> > Vilius Šumskas
> > Rivile
> > IT manager
> > +370 614 75713
> >
> >
>
RE: encoding passwords for JMS created accounts in Artemis
Posted by Vilius Šumskas <vi...@rivile.lt>.
I mean using activemq.management queue via org.apache.activemq.artemis.api.jms.management.JMSManagementHelper.
Specifically using JMSManagementHelper.putOperationInvocation() with "addUser" operation command.
--
Vilius
-----Original Message-----
From: Justin Bertram <jb...@apache.org>
Sent: Monday, March 21, 2022 4:50 PM
To: users@activemq.apache.org
Subject: Re: encoding passwords for JMS created accounts in Artemis
What do you mean by "JMS commands"?
Justin
On Mon, Mar 21, 2022 at 8:36 AM Vilius Šumskas <vi...@rivile.lt>
wrote:
> Hello,
>
> we are using JMS commands in our code to dynamically create Artemis
> users as needed. This works fine, however I noticed that passwords for
> these users are not hashed or masked in artemis-users.properties file.
> Passwords of the users which were created via CLI are masked fine.
>
> Is there a way to use some kind of hashing or should we look at
> completely different SecurityManager provider for production purposes?
>
> We are using Artemis 2.20 with the default
> org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModu
> le in the configuration.
>
> --
> Best Regards,
>
> Vilius Šumskas
> Rivile
> IT manager
> +370 614 75713
>
>
Re: encoding passwords for JMS created accounts in Artemis
Posted by Justin Bertram <jb...@apache.org>.
What do you mean by "JMS commands"?
Justin
On Mon, Mar 21, 2022 at 8:36 AM Vilius Šumskas <vi...@rivile.lt>
wrote:
> Hello,
>
> we are using JMS commands in our code to dynamically create Artemis users
> as needed. This works fine, however I noticed that passwords for these
> users are not hashed or masked in artemis-users.properties file. Passwords
> of the users which were created via CLI are masked fine.
>
> Is there a way to use some kind of hashing or should we look at completely
> different SecurityManager provider for production purposes?
>
> We are using Artemis 2.20 with the default
> org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule in
> the configuration.
>
> --
> Best Regards,
>
> Vilius Šumskas
> Rivile
> IT manager
> +370 614 75713
>
>