You are viewing a plain text version of this content. The canonical link for it is here.

Posted to gitbox@activemq.apache.org by GitBox <gi...@apache.org> on 2020/04/30 17:58:21 UTC

[GitHub] [activemq-artemis] jbertram commented on pull request #3108: SecrectKeySpec contant key update

jbertram commented on pull request #3108:
URL: https://github.com/apache/activemq-artemis/pull/3108#issuecomment-622009820


   The reason a constant key is used is so that the encode & decode will actually work. Keep in mind that this is just used for password *masking* so the broker has to be able to encode *and* decode the the values which, as far as I understand, require using the same key. If you generate a new key every time then you won't be able to decode anything. 
   
   Also, If you want something more secure then Blowfish then please implement your own codec as [described in the documentation](http://activemq.apache.org/components/artemis/documentation/latest/masking-passwords.html#choosing-a-codec-for-password-masking).


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org