michaelandrepearce commented on pull request #43: URL: https://github.com/apache/qpid-jms/pull/43#issuecomment-921763750
@gemmellr the issue, we are getting is that whilst ActiveMQ (Openwire) and ActiveMQ Artemis (CORE) clients seem to be honouring the credentials when set via JMS as such its vendor agnostic and secrets can be present to app securely and separately connectionFactory.createConnection(user,password) where as with Qpid we are getting issue whereby connecting to secured artemis clusters we seem to be having to set the credentials on the CF itself for it to be happy with artemis when secured. And thus looking for options how to securly and in an agnostic way (by using JNDI properties that are explicitly meant for credentials) putting credentials in url, isnt the best as you are essentially mixing a config item with a security item, e.g. i want the URL to be visible to ops/dev teams theres no security concerns there, but credentials clearly more sensitive. Thus why to look to use the JNDI properties that are meant for credentials. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
