[ 
https://issues.apache.org/jira/browse/AMQ-8403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17882197#comment-17882197
 ] 

Nathan edited comment on AMQ-8403 at 9/16/24 10:36 PM:
-------------------------------------------------------

Thanks [~gmotts], yes, I'd noticed this too, in addition to my original 
description.

webapps/admin/WEB-INF/webconsole-embedded.xml also needs to be modified to 
include the changes above.

Comment out the PropertyPlaceholderConfigurer bean in both activemq.xml and 
webconsole-embedded.xml, then add the configuration provided in the description.

Should a future release of amq unify this part of the configuration?

As an aside, it was good to see that amq6 performs the console user 
authentication through JAAS, allowing backend queue authentication and front 
end console user authentication to be unified for those not using the 
credentials files for queue auth.


was (Author: ndk):
Thanks [~gmotts], yes, I'd noticed this too, in addition to my original 
description.

webapps/admin/WEB-INF/webconsole-embedded.xml also needs to be modified to 
include the changes above.

Comment out the PropertyPlaceholderConfigurer bean in both activemq.xml and 
webconsole-embedded.xml, then add the configuration provided in the description.

Should a future release of amq unify this part of the configuration?

As an aside, it was good to see that amq6 stores the console users' credentials 
in the same place for the front end console application AND the backend amq 
server (using JAAS).

> enhancement to https://activemq.apache.org/encrypted-passwords page
> -------------------------------------------------------------------
>
>                 Key: AMQ-8403
>                 URL: https://issues.apache.org/jira/browse/AMQ-8403
>             Project: ActiveMQ Classic
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 5.16.3
>         Environment: Failed with...
>  activemq 5.16.3 + the existing configuration on the encrypted-passwords page 
> +  the following Java release.
> {code:java}
> java version "1.8.0_05"
> Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
> Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)
> {code}
> Works with...
> activemq 5.16.3 + the configuration provided in the description of this 
> improvement request + the following newer Java 8 release.
> {code:java}
> openjdk version "1.8.0_292"
> OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_292-b10)
> OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.292-b10, mixed mode)
> {code}
> I tried with/without the unlimited strength crypto extensions and it worked 
> both ways with the solution provided above.
>            Reporter: Nathan
>            Priority: Minor
>
> Some newer cryptos need a slightly different approach to 
> configuration which the encrypted-passwords page does not cover.
> I suggest using the following config.
> The addition of the ivGenerator property and the use of newer Java 8 releases 
> ensured it worked for me.
>  
> {code:java}
> <bean id="environmentVariablesConfiguration" 
> class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
>     <property name="algorithm" value="PBEWITHHMACSHA256ANDAES_256" />
>     <property name="ivGenerator">
>         <bean class="org.jasypt.iv.RandomIvGenerator"/>
>     </property>
>     <property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
> </bean>
> <bean id="configurationEncryptor" 
> class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
>     <property name="config" ref="environmentVariablesConfiguration" />
> </bean>
> <bean id="propertyConfigurer" 
> class="org.jasypt.spring4.properties.EncryptablePropertyPlaceholderConfigurer">
>     <constructor-arg ref="configurationEncryptor" />
>     <property name="location" 
> value="file:${activemq.base}/conf/credentials-enc.properties"/>
> </bean>
> {code}
>  
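
Added example, not part of the original comment or of the ActiveMQ project: a Python check that a Spring file such as activemq.xml or webconsole-embedded.xml no longer has an active plain PropertyPlaceholderConfigurer bean, defines the encryptable one, and pairs an AES-based algorithm with an ivGenerator as in the description's config. The function names and the sample XML strings are constructed for illustration.

```python
import xml.etree.ElementTree as ET

PLAIN = "org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"
ENCRYPTABLE = ".EncryptablePropertyPlaceholderConfigurer"
NS = 'xmlns="http://www.springframework.org/schema/beans"'

def local(tag):
    """Drop the XML namespace so <bean> matches with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return findings for one Spring config file; an empty list means OK."""
    # ElementTree discards XML comments, so commented-out beans are ignored.
    beans = [e for e in ET.fromstring(xml_text).iter() if local(e.tag) == "bean"]
    classes = [b.get("class", "") for b in beans]
    findings = []
    if PLAIN in classes:
        findings.append("plain PropertyPlaceholderConfigurer still active")
    if not any(c.endswith(ENCRYPTABLE) for c in classes):
        findings.append("no EncryptablePropertyPlaceholderConfigurer bean")
    for b in beans:
        props = {p.get("name"): p.get("value", "") for p in b if local(p.tag) == "property"}
        algo = props.get("algorithm", "")
        if "AES" in algo.upper() and "ivGenerator" not in props:
            findings.append("algorithm %s has no ivGenerator" % algo)
    return findings

# Constructed sample inputs (not copied from a real installation).
STOCK = f"""<beans {NS}>
  <bean class="{PLAIN}">
    <property name="locations"><value>file:credentials.properties</value></property>
  </bean>
</beans>"""

def fixed(with_iv=True):
    iv = '<property name="ivGenerator"><bean class="org.jasypt.iv.RandomIvGenerator"/></property>'
    return f"""<beans {NS}>
  <!-- <bean class="{PLAIN}"/> -->
  <bean id="environmentVariablesConfiguration"
        class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
    <property name="algorithm" value="PBEWITHHMACSHA256ANDAES_256"/>
    {iv if with_iv else ""}
    <property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD"/>
  </bean>
  <bean id="propertyConfigurer"
        class="org.jasypt.spring4.properties.EncryptablePropertyPlaceholderConfigurer"/>
</beans>"""

if __name__ == "__main__":
    for name, text in {"activemq.xml": fixed(), "webconsole-embedded.xml": STOCK}.items():
        print(name, audit(text) or "OK")
```

To audit a real installation, pass the contents of conf/activemq.xml and webapps/admin/WEB-INF/webconsole-embedded.xml to `audit()` in place of the constructed strings.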


