Hi Ganesh, I think that would certainly help, as the config can then be made visible more widely, and only access to the machine/container would facilitate access to the password.
Kind regards, Dave. On Mon, 30 Sep 2019 at 18:15, Ganesh Murthy <[email protected]> wrote: > On Mon, Sep 30, 2019 at 12:43 PM David Stewart <[email protected]> > wrote: > > > Hi, > > > > I am trying to avoid storing passwords in plain text, however I cannot > see > > how to avoid this with the qdrouter config file. Does anyone have any > idea > > how this can be achieved? > > > Currently you are required to put the plain text saslPassword in the config > file. Would it be acceptable for you if we introduced a new attribute > called saslPasswordFile where you can specify the full path of the file > containing the saslPassword ? You can set permissions on that file. > This will be very similar to the passwordFile attribute of the sslProfile > entity. > Thanks. > > > e.g. > > > > connector { > > name: LocalAMQBroker > > host: localhost > > port: 5672 > > role: route-container > > saslUsername: admin > > saslPassword: password > > saslMechanisms: PLAIN > > } > > > > Kind regards, > > Dave Stewart > > > > -- > > > > > > This email and any > > files transmitted with it are confidential and solely > > for the use of the intended > > recipient. This message contains confidential > > > > information and is intended only for the individual named. If you are not > > the > > intended recipient you are notified that disclosing, copying, > > distributing or > > taking any action in reliance on the contents of this > > information is strictly > > prohibited. Please notify the sender immediately by > > e-mail if you have > > received this e-mail by mistake and delete this e-mail > > from your system. > > > > > > > > > > > > > > > > > > > > Computer > > viruses can be transmitted via email. > > The recipient should check this email and > > any attachments for the presence > > of viruses. Although the company has taken reasonable > > precautions to ensure > > no viruses are present in this email, the company cannot > > accept > > responsibility for any loss or damage arising from the use of this email > > or > > attachments. > > > > > > > > > > > > > > > > > > > > > > Any views or opinions > > presented in this email are > > solely those of the author and do not necessarily > > represent those of the > > Estafet. Employees of Estafet are expressly required not > > to make defamatory > > statements and not to infringe or authorize any infringement > > of copyright > > or any other legal right by email communications. Any such > > communication is > > contrary to company policy. The company will not accept any > > liability in > > respect of such communication, and the employee responsible will > > be > > personally liable for any damages or other liability arising. > > > > > > > > > > > -- *David Stewart* *Senior Consultant* *Estafet Limited* *The Clubhouse* *8 St. James’s Square* *St. James’s* *London* *SW1Y 4JU* *Main +44 208 012 8599 <+44%2020%208614%207070>* *Mobile +44 7780 114 849* *Email [email protected] <[email protected]>* * www.estafet.com <http://www.estafet.com/> * * Registered at: Companies House, Cardiff. Company Number: 4444147* *Registered Office: 8 The Printworks, Dunstable Road, Richmond, Surrey TW9 1RR* -- This email and any files transmitted with it are confidential and solely for the use of the intended recipient. This message contains confidential information and is intended only for the individual named. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. Although the company has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the Estafet. Employees of Estafet are expressly required not to make defamatory statements and not to infringe or authorize any infringement of copyright or any other legal right by email communications. Any such communication is contrary to company policy. The company will not accept any liability in respect of such communication, and the employee responsible will be personally liable for any damages or other liability arising.
