You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Nathan (Jira)" <ji...@apache.org> on 2021/10/18 22:52:00 UTC

[jira] [Created] (AMQ-8403) enhancement https://activemq.apache.org/encrypted-passwords page

Nathan created AMQ-8403:
---------------------------

             Summary: enhancement https://activemq.apache.org/encrypted-passwords page
                 Key: AMQ-8403
                 URL: https://issues.apache.org/jira/browse/AMQ-8403
             Project: ActiveMQ
          Issue Type: Improvement
          Components: Documentation
    Affects Versions: 5.16.3
         Environment: Failed with...
 activemq 5.16.3 + the existing configuration on the encrypted-passwords page +  the following Java release.
{code:java}
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)
{code}
Works with...
activemq 5.16.3 + the configuration provided in the description of this improvement request + the following newer Java 8 release.
{code:java}
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_292-b10)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.292-b10, mixed mode)
{code}
I tried with/without the unlimited strength crypto extensions and it worked both ways with the solution provided above.
            Reporter: Nathan


Some newer crypto's need a slightly different different approach to configuration which the encrypted-passwords page does not cover.


I suggest using the following config.

The addition of the ivGenerator property and the use of newer Java 8 releases ensured it worked for me.

 
{code:java}
<bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
    <property name="algorithm" value="PBEWITHHMACSHA256ANDAES_256" />
    <property name="ivGenerator">
        <bean class="org.jasypt.iv.RandomIvGenerator"/>
    </property>
    <property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
</bean>

<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
    <property name="config" ref="environmentVariablesConfiguration" />
</bean>

<bean id="propertyConfigurer" class="org.jasypt.spring4.properties.EncryptablePropertyPlaceholderConfigurer">
    <constructor-arg ref="configurationEncryptor" />
    <property name="location" value="file:${activemq.base}/conf/credentials-enc.properties"/>
</bean>
{code}
 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)