You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/01/08 04:42:00 UTC
[jira] [Work logged] (ARTEMIS-3790) Support masked passwords when creating connections
[ https://issues.apache.org/jira/browse/ARTEMIS-3790?focusedWorklogId=837717&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-837717 ]
ASF GitHub Bot logged work on ARTEMIS-3790:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 08/Jan/23 04:41
Start Date: 08/Jan/23 04:41
Worklog Time Spent: 10m
Work Description: jbertram commented on PR #4320:
URL: https://github.com/apache/activemq-artemis/pull/4320#issuecomment-1374707536
My only concern here is that there's no way to set the codec. It is hard-coded to use the default coded. I think the simplest way to implement codec configuration is via a new property on `org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory` much like `deserializationWhiteList` so that the value could be set programmatically or via the connection URL. For example, if you created a `String` named `passwordCodec` then this could be set using `ActiveMQConnectionFactory.setPasswordCodec` or, e.g., something like `tcp://myHost:61616?passwordCodec=com.foo.Codec`. Then any encrypted credentials used on connections created from this connection factory would use that codec.
Issue Time Tracking
-------------------
Worklog Id: (was: 837717)
Time Spent: 20m (was: 10m)
> Support masked passwords when creating connections
> --------------------------------------------------
>
> Key: ARTEMIS-3790
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3790
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: API
> Affects Versions: 2.19.1
> Reporter: Apache Dev
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> ActiveMQConnectionFactory#createConnection and similar APIs could accept "masked" passwords.
> This would improve usability in cases where connection password is already stored in masked format.
> For example, a client using TLS and username/password authentication would need to configure the "trustStorePassword" in the brokerURL - which accepts the ENC(...) form - and the connection password - currently not accepting the ENC(...) form.
> Accepting the masked password even for connection creation would improve usability for clients storing masked passwords in configuration files.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)