You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/01/08 04:42:00 UTC

[jira] [Work logged] (ARTEMIS-3790) Support masked passwords when creating connections

     [ https://issues.apache.org/jira/browse/ARTEMIS-3790?focusedWorklogId=837717&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-837717 ]

ASF GitHub Bot logged work on ARTEMIS-3790:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 08/Jan/23 04:41
            Start Date: 08/Jan/23 04:41
    Worklog Time Spent: 10m 
      Work Description: jbertram commented on PR #4320:
URL: https://github.com/apache/activemq-artemis/pull/4320#issuecomment-1374707536

   My only concern here is that there's no way to set the codec. It is hard-coded to use the default coded. I think the simplest way to implement codec configuration is via a new property on `org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory` much like `deserializationWhiteList` so that the value could be set programmatically or via the connection URL. For example, if you created a `String` named `passwordCodec` then this could be set using `ActiveMQConnectionFactory.setPasswordCodec` or, e.g., something like `tcp://myHost:61616?passwordCodec=com.foo.Codec`. Then any encrypted credentials used on connections created from this connection factory would use that codec.




Issue Time Tracking
-------------------

    Worklog Id:     (was: 837717)
    Time Spent: 20m  (was: 10m)

> Support masked passwords when creating connections
> --------------------------------------------------
>
>                 Key: ARTEMIS-3790
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3790
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: API
>    Affects Versions: 2.19.1
>            Reporter: Apache Dev
>            Priority: Major
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> ActiveMQConnectionFactory#createConnection and similar APIs could accept "masked" passwords.
> This would improve usability in cases where connection password is already stored in masked format.
> For example, a client using TLS and username/password authentication would need to configure the "trustStorePassword" in the brokerURL - which accepts the ENC(...) form - and the connection password - currently not accepting the ENC(...) form.
> Accepting the masked password even for connection creation would improve usability for clients storing masked passwords in configuration files.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)