Uploaded image for project: 'A-MQ Broker'
  1. A-MQ Broker
  2. ENTMQBR-908

Support masked passwords in bootstrap.xml

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Done
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: AMQ 7.0.3.GA
    • Fix Version/s: AMQ 7.2.0.GA
    • Component/s: configuration
    • Labels:
      None
    • Environment:

      AMQ 7

    • Target Release:
    • Affects:
      Documentation (Ref Guide, User Guide, etc.), Release Notes
    • Release Notes Text:
      You can now mask passwords in the broker.xml configuration file. Previously, password masking was not supported for broker.xml, which meant that the passwords in the file were stored in plain text.
    • Release Notes Docs Status:
      Documented as Feature Request

      Description

      User Story:
      As an operator, I have configured SSL for the web admin console and Jolokia REST interface, but the passwords for my SSL resources are in plain text. I need a way to mask these passwords per my company's policy that no passwords should be in plain text.

      We provide a feature to mask passwords in the broker.xml and and ra.xml file [1]. However, it doesn't appear passwords in the bootstrap.xml (when the console is secured with HTTPS) can be masked. This enhancement has been opened to allow passwords in the bootstrap.xml to be masked using the built-in masking feature provided by the broker.

      [1] https://github.com/apache/activemq-artemis/blob/master/docs/user-manual/en/masking-passwords.md#password-masking-in-server-configuration-file

        Gliffy Diagrams

          Attachments

            Issue Links

            is duplicated by

            Bug - A problem which impairs or prevents the functions of the product. ENTMQBR-1338 Support masked passwords in bootstrap.xml and login.config

            • Major - A request that should be considered seriously but is not a show stopper.
            • Done
            is related to

            Bug - A problem which impairs or prevents the functions of the product. ENTMQBR-893 Masking of password does not work with login.config

            • Major - A request that should be considered seriously but is not a show stopper.
            • Done

            Task - A task that needs to be done. ENTMQBR-1082 Document masked password in bootstrap.xml

            • Major - A request that should be considered seriously but is not a show stopper.
            • Done

            Task - A task that needs to be done. ENTMQBR-1494 Document support of masked passwords in login.config

            • Major - A request that should be considered seriously but is not a show stopper.
            • Done
            relates to

            Enhancement - An enhancement or refactoring of existing functionality AMQDOC-2905 Customer enhancement - doc using masked passwords in bootstrap.xml

            • Major - A request that should be considered seriously but is not a show stopper.
            • Closed
            is blocked by

            ARTEMIS-1600 Loading...

              Activity

                People

                • Assignee:
                  gaohoward Yong Hao Gao
                  Reporter:
                  jsherman Jason Sherman
                  Tester:
                  Sean Davey
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  8 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: