[
https://issues.apache.org/jira/browse/AMQ-5715?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Antoine Wils updated AMQ-5715:
------------------------------
Description:
decryption of password not working when using wrapper to start ActiveMQ.
The wrapper (bin/linux-x86-64/activemq) is configured to use a RUN_AS_USER=user.
To decrypt the password I am using the EnvironmentStringPBEConfig with an
passwordEnvName.
When:
* login in as user, I can echo the variable given to EnvironmentStringPBEConfig.
* starting ActiveMQ vi sudo service activemq start, it stop immediately after
this logging:
{noformat}
2015-04-09 12:18:04,851 | INFO | Refreshing
org.apache.activemq.xbean.XBeanBrokerFactory$1@3a510e91: startup date [Thu Apr
09 12:18:04 UTC 2015]; root of context hierarchy |
org.apache.activemq.xbean.XBeanBrokerFactory$1 | WrapperSimpleAppMain
2015-04-09 12:18:06,617 | INFO | Loading properties file from URL
[file:../../conf/credentials.properties] |
org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer |
WrapperSimpleAppMain
{noformat}
The issue is that when ActiveMQ is started via a soft link, it will first
resolve himself with absolute path and then call himself again with absolute
path using the *su* command.
The *su* command is not configured to load the RUN_AS_USER environment. It is
missing the *--logging* option. Hence the variable defined in the user
environment and passed in the passwordEnvName is not set.
Patch provided
was:
decryption of password not working when using wrapper to start ActiveMQ.
The wrapper (bin/linux-x86-64/activemq) is configured to use a RUN_AS_USER=user.
To decrypt the password I am using the EnvironmentStringPBEConfig with an
passwordEnvName.
When login in as user, I can echo the variable given to
EnvironmentStringPBEConfig.
When starting ActiveMQ vi sudo service activemq start, it stop immediately
after this logging:
2015-04-09 12:18:04,851 | INFO | Refreshing
org.apache.activemq.xbean.XBeanBrokerFactory$1@3a510e91: startup date [Thu Apr
09 12:18:04 UTC 2015]; root of context hierarchy |
org.apache.activemq.xbean.XBeanBrokerFactory$1 | WrapperSimpleAppMain
2015-04-09 12:18:06,617 | INFO | Loading properties file from URL
[file:../../conf/credentials.properties] |
org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer |
WrapperSimpleAppMain
The issue is that when ActiveMQ is started via a soft link, it will first
resolve himself with absolute path and then call himself again with absolute
path using the *su* command.
The *su* command is not configured to load the RUN_AS_USER environment. It is
missing the *--logging* option. Hence the variable defined in the user
environment and passed in the passwordEnvName is not set.
Patch provided
> ActiveMQ cannot load decryption password from environment variable
> ------------------------------------------------------------------
>
> Key: AMQ-5715
> URL: https://issues.apache.org/jira/browse/AMQ-5715
> Project: ActiveMQ
> Issue Type: Bug
> Components: Distribution
> Affects Versions: 5.11.1
> Environment: ubuntu 64 bit server LTS 12.04
> java version "1.7.0_07"
> Java(TM) SE Runtime Environment (build 1.7.0_07-b10)
> Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)
> Reporter: Antoine Wils
> Priority: Minor
> Attachments: activemq.patch
>
>
> decryption of password not working when using wrapper to start ActiveMQ.
> The wrapper (bin/linux-x86-64/activemq) is configured to use a
> RUN_AS_USER=user.
> To decrypt the password I am using the EnvironmentStringPBEConfig with an
> passwordEnvName.
> When:
> * login in as user, I can echo the variable given to
> EnvironmentStringPBEConfig.
> * starting ActiveMQ vi sudo service activemq start, it stop immediately after
> this logging:
> {noformat}
> 2015-04-09 12:18:04,851 | INFO | Refreshing
> org.apache.activemq.xbean.XBeanBrokerFactory$1@3a510e91: startup date [Thu
> Apr 09 12:18:04 UTC 2015]; root of context hierarchy |
> org.apache.activemq.xbean.XBeanBrokerFactory$1 | WrapperSimpleAppMain
> 2015-04-09 12:18:06,617 | INFO | Loading properties file from URL
> [file:../../conf/credentials.properties] |
> org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer |
> WrapperSimpleAppMain
> {noformat}
> The issue is that when ActiveMQ is started via a soft link, it will first
> resolve himself with absolute path and then call himself again with absolute
> path using the *su* command.
> The *su* command is not configured to load the RUN_AS_USER environment. It is
> missing the *--logging* option. Hence the variable defined in the user
> environment and passed in the passwordEnvName is not set.
> Patch provided
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
