[
https://issues.apache.org/jira/browse/ARTEMIS-786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15604001#comment-15604001
]
ASF GitHub Bot commented on ARTEMIS-786:
----------------------------------------
Github user gaohoward commented on the issue:
https://github.com/apache/activemq-artemis/pull/835
@jbertram So I did some refactoring:
* Now DefaultSensitiveStringCodec supports 2 kinds of masking
one-way hashing and two-way encoding/decoding
* one-way hashing is used by cli and PropertiesLoginModule, it also has
a verify method to help checking passwords
* two-way is used by other password masking in artemis. (existing feature)
* Other utils like HashProcessor doesn't do hashing or encoding.
They are used to facilitate password management (either plaintext or
hashed).
* Cli commands is used for user management and manual changing is not needed
(although user can use raw DefaultSensitiveStringCodec to to it).
> Store user's password in hash form by default
> ---------------------------------------------
>
> Key: ARTEMIS-786
> URL: https://issues.apache.org/jira/browse/ARTEMIS-786
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: Broker
> Affects Versions: 1.4.0
> Reporter: Howard Gao
> Assignee: Howard Gao
> Fix For: 1.5.0
>
>
> Artemis use plaintext to store user's password. To enhance security it should
> be using hash value instead.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
