You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Nathan (Jira)" <ji...@apache.org> on 2021/10/18 22:52:00 UTC
[jira] [Created] (AMQ-8403) enhancement
https://activemq.apache.org/encrypted-passwords page
Nathan created AMQ-8403:
---------------------------
Summary: enhancement https://activemq.apache.org/encrypted-passwords page
Key: AMQ-8403
URL: https://issues.apache.org/jira/browse/AMQ-8403
Project: ActiveMQ
Issue Type: Improvement
Components: Documentation
Affects Versions: 5.16.3
Environment: Failed with...
activemq 5.16.3 + the existing configuration on the encrypted-passwords page + the following Java release.
{code:java}
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)
{code}
Works with...
activemq 5.16.3 + the configuration provided in the description of this improvement request + the following newer Java 8 release.
{code:java}
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_292-b10)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.292-b10, mixed mode)
{code}
I tried with/without the unlimited strength crypto extensions and it worked both ways with the solution provided above.
Reporter: Nathan
Some newer crypto's need a slightly different different approach to configuration which the encrypted-passwords page does not cover.
I suggest using the following config.
The addition of the ivGenerator property and the use of newer Java 8 releases ensured it worked for me.
{code:java}
<bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWITHHMACSHA256ANDAES_256" />
<property name="ivGenerator">
<bean class="org.jasypt.iv.RandomIvGenerator"/>
</property>
<property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
</bean>
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config" ref="environmentVariablesConfiguration" />
</bean>
<bean id="propertyConfigurer" class="org.jasypt.spring4.properties.EncryptablePropertyPlaceholderConfigurer">
<constructor-arg ref="configurationEncryptor" />
<property name="location" value="file:${activemq.base}/conf/credentials-enc.properties"/>
</bean>
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)