Hi, Phil, Thanks for the info.
We are trying to embed qpid in Synapse where qpid connection information is stored in a property file in the format like - connectionfactory.QueueConnectionFactory = amqp://user:password@clientID/test?brokerlist=... So what you mean is that we need to create customized listener to read the property file and decrypt the password where the password can be encrypted? It seems out of the box in Synapse, it uses org.apache.axis2.transport.jms.JMSListener and there is no such an option. Thanks, David -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Phil Harvey Sent: Saturday, December 08, 2012 2:11 AM To: [email protected] Subject: Re: How to encrypt user password in connection url Hi David, I assume you're talking about encrypting the stored URL string, and not about encrypting the details sent over the wire to the broker. I think the only way to do this is to store it in a secure JNDI context, e.g. one provided by a Java application server. This is in line with the approach commonly taken for making JDBC connections from JEE apps. Phil On 8 December 2012 00:27, <[email protected]> wrote: > ** > Hi, Guys, > > Is there a way to encrypt password in the connection URL below? > > amqp://[<user>:<pass>@][<clientid>]<virtualhost>[..] > > David > > Visit our website at http://www.ubs.com > > This message contains confidential information and is intended only > for the individual named. If you are not the named addressee you > should not disseminate, distribute or copy this e-mail. Please notify > the sender immediately by e-mail if you have received this e-mail by > mistake and delete this e-mail from your system. > > E-mails are not encrypted and cannot be guaranteed to be secure or > error-free as information could be intercepted, corrupted, lost, > destroyed, arrive late or incomplete, or contain viruses. The sender > therefore does not accept liability for any errors or omissions in the > contents of this message which arise as a result of e-mail transmission. > If verification is required please request a hard-copy version. This > message is provided for informational purposes and should not be > construed as a solicitation or offer to buy or sell any securities or > related financial instruments. > > > UBS reserves the right to retain all messages. Messages are protected > and accessed only in legally justified cases. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] For > additional commands, e-mail: [email protected] > Visit our website at http://www.ubs.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mails are not encrypted and cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments. UBS reserves the right to retain all messages. Messages are protected and accessed only in legally justified cases. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
