subject:"\[jira\] \[Commented\] \(ARTEMIS\-1600\) Support masked passwords in bootstrap.xm and login.config"

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-02-02 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16350580#comment-16350580
 ] 

ASF subversion and git services commented on ARTEMIS-1600:
--

Commit 9acdec2468aa89cf6dfd99323f87c5c1a351bd0d in activemq-artemis's branch 
refs/heads/master from [~michael.andre.pearce]
[ https://git-wip-us.apache.org/repos/asf?p=activemq-artemis.git;h=9acdec2 ]

ARTEMIS-1655 Fix TransportConfiguration encode failing

Check for null on isMaskPassword, seems this regressed in 
bb84f679363f62e8b2663f63bf23f04133de481d change for ARTEMIS-1600

> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-18 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16330601#comment-16330601
 ] 

ASF subversion and git services commented on ARTEMIS-1600:
--

Commit bb84f679363f62e8b2663f63bf23f04133de481d in activemq-artemis's branch 
refs/heads/master from [~gaohoward]
[ https://git-wip-us.apache.org/repos/asf?p=activemq-artemis.git;h=bb84f67 ]

ARTEMIS-1600 Support masked passwords in bootstrap.xm and login.config

We provide a feature to mask passwords in the configuration files.
However, passwords in the bootstrap.xml (when the console is
secured with HTTPS) cannot be masked. This enhancement has
been opened to allow passwords in the bootstrap.xml to be masked
using the built-in masking feature provided by the broker.

Also the LDAPLoginModule configuration (in login.config) has a
connection password attribute that also needs this mask support.

In addition the ENC() syntax is supported for password masking
to replace the old 'mask-password' flag.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-18 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16330602#comment-16330602
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user asfgit closed the pull request at:

https://github.com/apache/activemq-artemis/pull/1771


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16330130#comment-16330130
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
OK it's done.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329940#comment-16329940
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
@jbertram Please hold for a moment. I just found a change that may be wrong.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329911#comment-16329911
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
@jbertram @clebertsuconic done!


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329887#comment-16329887
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1771#discussion_r162233948
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/api/config/ActiveMQDefaultConfiguration.java
 ---
@@ -622,8 +622,8 @@ public static String getDefaultClusterPassword() {
/**
 * This option controls whether passwords in server configuration need 
be masked. If set to "true" the passwords are masked.
 */
-   public static boolean isDefaultMaskPassword() {
-  return DEFAULT_MASK_PASSWORD;
+   public static Boolean isDefaultMaskPassword() {
--- End diff --

@clebertsuconic yes that's the purpose as @jbertram pointed out. I need 
'null' to represent the case where the mask-password is not specified at all. 


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329263#comment-16329263
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1771#discussion_r162153980
  
--- Diff: docs/user-manual/en/masking-passwords.md ---
@@ -18,12 +18,33 @@ Apache ActiveMQ Artemis provides a default password 
encoder and decoder. Optiona
 users can use or implement their own encoder and decoder for masking the
 passwords.
 
+In general, a masked password can be identified using one of two ways. The 
first one
+iS the ENC() syntax, i.e. any string value wrapped in ENC() is to be 
treated as 
--- End diff --

Capitalization error on "iS".


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329247#comment-16329247
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1771#discussion_r162151931
  
--- Diff: 
artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
 ---
@@ -105,12 +110,39 @@ public void initialize(Subject subject,
   this.subject = subject;
   this.handler = callbackHandler;
 
-  config = new LDAPLoginProperty[]{new 
LDAPLoginProperty(INITIAL_CONTEXT_FACTORY, (String) 
options.get(INITIAL_CONTEXT_FACTORY)), new LDAPLoginProperty(CONNECTION_URL, 
(String) options.get(CONNECTION_URL)), new 
LDAPLoginProperty(CONNECTION_USERNAME, (String) 
options.get(CONNECTION_USERNAME)), new LDAPLoginProperty(CONNECTION_PASSWORD, 
(String) options.get(CONNECTION_PASSWORD)), new 
LDAPLoginProperty(CONNECTION_PROTOCOL, (String) 
options.get(CONNECTION_PROTOCOL)), new LDAPLoginProperty(AUTHENTICATION, 
(String) options.get(AUTHENTICATION)), new LDAPLoginProperty(USER_BASE, 
(String) options.get(USER_BASE)), new LDAPLoginProperty(USER_SEARCH_MATCHING, 
(String) options.get(USER_SEARCH_MATCHING)), new 
LDAPLoginProperty(USER_SEARCH_SUBTREE, (String) 
options.get(USER_SEARCH_SUBTREE)), new LDAPLoginProperty(ROLE_BASE, (String) 
options.get(ROLE_BASE)), new LDAPLoginProperty(ROLE_NAME, (String) 
options.get(ROLE_NAME)), new LDAPLoginProperty(ROLE_SEARCH_MATCHING, (String) 
options.get(ROLE_SEARCH_MATCHING)), new LDAPLoginProperty(ROLE_SEARCH_SUBTREE, 
(String) options.get(ROLE_SEARCH_SUBTREE)), new 
LDAPLoginProperty(USER_ROLE_NAME, (String) options.get(USER_ROLE_NAME)), new 
LDAPLoginProperty(EXPAND_ROLES, (String) options.get(EXPAND_ROLES)), new 
LDAPLoginProperty(EXPAND_ROLES_MATCHING, (String) 
options.get(EXPAND_ROLES_MATCHING)), new LDAPLoginProperty(REFERRAL, (String) 
options.get(REFERRAL))};
+  config = new LDAPLoginProperty[]{new 
LDAPLoginProperty(INITIAL_CONTEXT_FACTORY, (String) 
options.get(INITIAL_CONTEXT_FACTORY)),
+   new 
LDAPLoginProperty(CONNECTION_URL, (String) options.get(CONNECTION_URL)),
+   new 
LDAPLoginProperty(CONNECTION_USERNAME, (String) 
options.get(CONNECTION_USERNAME)),
+   new 
LDAPLoginProperty(CONNECTION_PASSWORD, (String) 
options.get(CONNECTION_PASSWORD)),
+   new 
LDAPLoginProperty(CONNECTION_PROTOCOL, (String) 
options.get(CONNECTION_PROTOCOL)),
+   new 
LDAPLoginProperty(AUTHENTICATION, (String) options.get(AUTHENTICATION)),
+   new LDAPLoginProperty(USER_BASE, 
(String) options.get(USER_BASE)),
+   new 
LDAPLoginProperty(USER_SEARCH_MATCHING, (String) 
options.get(USER_SEARCH_MATCHING)),
+   new 
LDAPLoginProperty(USER_SEARCH_SUBTREE, (String) 
options.get(USER_SEARCH_SUBTREE)),
+   new LDAPLoginProperty(ROLE_BASE, 
(String) options.get(ROLE_BASE)),
+   new LDAPLoginProperty(ROLE_NAME, 
(String) options.get(ROLE_NAME)),
+   new 
LDAPLoginProperty(ROLE_SEARCH_MATCHING, (String) 
options.get(ROLE_SEARCH_MATCHING)),
+   new 
LDAPLoginProperty(ROLE_SEARCH_SUBTREE, (String) 
options.get(ROLE_SEARCH_SUBTREE)),
+   new 
LDAPLoginProperty(USER_ROLE_NAME, (String) options.get(USER_ROLE_NAME)),
+   new LDAPLoginProperty(EXPAND_ROLES, 
(String) options.get(EXPAND_ROLES)),
+   new 
LDAPLoginProperty(EXPAND_ROLES_MATCHING, (String) 
options.get(EXPAND_ROLES_MATCHING)),
+   new LDAPLoginProperty(REFERRAL, 
(String) options.get(REFERRAL))};
+
   if (isLoginPropertySet(AUTHENTICATE_USER)) {
  authenticateUser = 
Boolean.valueOf(getLDAPPropertyValue(AUTHENTICATE_USER));
   }
   isRoleAttributeSet = isLoginPropertySet(ROLE_NAME);
   roleAttributeName = getLDAPPropertyValue(ROLE_NAME);
+  String isMask = (String) options.get(MASK_PASSWORD);
--- End diff --

This isn't used anywhere so it can be removed.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329203#comment-16329203
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1771#discussion_r162146958
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/api/config/ActiveMQDefaultConfiguration.java
 ---
@@ -622,8 +622,8 @@ public static String getDefaultClusterPassword() {
/**
 * This option controls whether passwords in server configuration need 
be masked. If set to "true" the passwords are masked.
 */
-   public static boolean isDefaultMaskPassword() {
-  return DEFAULT_MASK_PASSWORD;
+   public static Boolean isDefaultMaskPassword() {
--- End diff --

@clebertsuconic, check out 
org.apache.activemq.artemis.utils.PasswordMaskingUtil.resolveMask.  I believe 
the way that method works is why he needs 3 values.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-17 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16329064#comment-16329064
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user clebertsuconic commented on a diff in the pull request:

https://github.com/apache/activemq-artemis/pull/1771#discussion_r162122543
  
--- Diff: 
artemis-core-client/src/main/java/org/apache/activemq/artemis/api/config/ActiveMQDefaultConfiguration.java
 ---
@@ -622,8 +622,8 @@ public static String getDefaultClusterPassword() {
/**
 * This option controls whether passwords in server configuration need 
be masked. If set to "true" the passwords are masked.
 */
-   public static boolean isDefaultMaskPassword() {
-  return DEFAULT_MASK_PASSWORD;
+   public static Boolean isDefaultMaskPassword() {
--- End diff --

Why this?

Why you need a third state? true / false / undefined?

Why not just keep it boolean.. either mask it or not...


Besides.. if you really need the third option.. I would make 
DEFAULT_MASK_PASSWORD = null; instead of returning null here.


I couldn't understand why you need it.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-16 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16327961#comment-16327961
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
well, almost done. Just found a unused var. I'll delete it right away. 
Sorry about that. :)


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-16 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16327954#comment-16327954
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
@jbertram Hi Justin, I think it's done. Can you take a look again?

Thanks


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
>Priority: Major
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324229#comment-16324229
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
that's fine. I'll remove it.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324207#comment-16324207
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
In my opinion, you should remove the mask-password config property from 
this PR as it will require more code/documentation changes later when it's 
deprecated and eventually removed.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324170#comment-16324170
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
OK, so I'd add ENC() syntax and keeps the mask-password as an option. (I 
mean I won't remove this from this PR, but won't add any more in the future if 
there is new password mask requirements).



> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-12 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324112#comment-16324112
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
We should keep mask-password config support where it exists already, but 
don't add any new features that use it.  Instead we can rely on the ENC() 
syntax.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-11 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16323576#comment-16323576
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user gaohoward commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
@jbertram ok I think we can support ENC() as well as "mask-password".


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-11 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16322712#comment-16322712
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

Github user jbertram commented on the issue:

https://github.com/apache/activemq-artemis/pull/1771
  
Aside from the failing tests this looks OK.  

That said, I would love to see us move all our password masking to use the 
"ENC()" syntax instead of using boolean "mask-password" attributes 
everywhere if possible.  This is done for the properties login module and it's 
very clean.  If the text follows the pattern then it should be treated as 
masked otherwise it shouldn't.


> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

2018-01-10 Thread ASF GitHub Bot (JIRA)


[ 
https://issues.apache.org/jira/browse/ARTEMIS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16321711#comment-16321711
 ] 

ASF GitHub Bot commented on ARTEMIS-1600:
-

GitHub user gaohoward opened a pull request:

https://github.com/apache/activemq-artemis/pull/1771

ARTEMIS-1600 Support masked passwords in bootstrap.xm and login.config

We provide a feature to mask passwords in the configuration files.
However, passwords in the bootstrap.xml (when the console is
secured with HTTPS) cannot be masked. This enhancement has
been opened to allow passwords in the bootstrap.xml to be masked
using the built-in masking feature provided by the broker.

Also the LDAPLoginModule configuration (in login.config) has a
connection password attribute that also needs this mask support.

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/gaohoward/activemq-artemis fent908

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/activemq-artemis/pull/1771.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1771


commit f9f6d907bd9aa23dc4ab93ee209deb80d9a72749
Author: Howard Gao 
Date:   2018-01-11T04:07:31Z

ARTEMIS-1600 Support masked passwords in bootstrap.xm and login.config

We provide a feature to mask passwords in the configuration files.
However, passwords in the bootstrap.xml (when the console is
secured with HTTPS) cannot be masked. This enhancement has
been opened to allow passwords in the bootstrap.xml to be masked
using the built-in masking feature provided by the broker.

Also the LDAPLoginModule configuration (in login.config) has a
connection password attribute that also needs this mask support.




> Support masked passwords in bootstrap.xm and login.config
> -
>
> Key: ARTEMIS-1600
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1600
> Project: ActiveMQ Artemis
>  Issue Type: Improvement
>  Components: Broker, Web Console
>Affects Versions: 2.4.0
>Reporter: Howard Gao
>Assignee: Howard Gao
> Fix For: 2.5.0
>
>
> We provide a feature to mask passwords in the configuration files. 
> However, passwords in the bootstrap.xml (when the console is 
> secured with HTTPS) cannot be masked. This enhancement has 
> been opened to allow passwords in the bootstrap.xml to be masked
> using the built-in masking feature provided by the broker.
> Also the LDAPLoginModule configuration (in login.config) has a 
> connection password attribute that also needs this mask support.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

[jira] [Commented] (ARTEMIS-1600) Support masked passwords in bootstrap.xm and login.config

20 matches

Site Navigation

Mail list logo

Footer information