[
https://issues.apache.org/jira/browse/QPID-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rob Godfrey updated QPID-6017:
------------------------------
Status: Reviewable (was: In Progress)
> [Java Broker] Provide a mechanism by which "secure" attributes in the
> configuration can be encrypted
> ----------------------------------------------------------------------------------------------------
>
> Key: QPID-6017
> URL: https://issues.apache.org/jira/browse/QPID-6017
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Rob Godfrey
> Assignee: Rob Godfrey
> Fix For: 0.31
>
>
> Attributes in the configuration which contain confidential information such
> as passwords are annotated as "secure" in their definition. This is used to
> prevent their disclosure through querying operations.
> However it may be the case that this information needs to be encrypted even
> within the configuration store. In this case the key material needed to
> decrypt the confidential information must be held outside the configuration
> mechanism (otherwise we are just shifting the problem around).
> Deployment environments may have site specific mechanisms my which encryption
> may occur, so the encryption mechanism must be pluggable and configurable at
> the broker (and potentially at the virtual host node) level.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
