1 year ago
#330644
claudiu.abrudan
ActiveMQ - is there a way to encrypt credentials.properties password values
I have an issue trying to encrypt the password in the credentials.properties file which is used for browsing the queue messages on GUI console.
For authentication and authorization I followed these steps.
It seems that the default behaviour is to look for username and password in credentials.properties and by adding encrypted values it fails with:
Caused by: javax.jms.JMSSecurityException: User name [admin] or password is invalid.
at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:52)
at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1404)
at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1487)
at org.apache.activemq.ActiveMQConnection.start(ActiveMQConnection.java:528)
at org.apache.activemq.web.WebClient.getConnection(WebClient.java:262)
at org.apache.activemq.web.WebClient.createSession(WebClient.java:359)
at org.apache.activemq.web.WebClient.getSession(WebClient.java:250)
at org.apache.activemq.web.QueueBrowseQuery.getSession(QueueBrowseQuery.java:81)
at org.apache.activemq.web.QueueBrowseQuery.createBrowser(QueueBrowseQuery.java:90)
at org.apache.activemq.web.QueueBrowseQuery.getBrowser(QueueBrowseQuery.java:50)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at javax.el.BeanELResolver.getValue(BeanELResolver.java:94)
... 63 more
Caused by: java.lang.SecurityException: User name [admin] or password is invalid.
at org.apache.activemq.security.SimpleAuthenticationBroker.authenticate(SimpleAuthenticationBroker.java:103)
at org.apache.activemq.security.SimpleAuthenticationBroker.addConnection(SimpleAuthenticationBroker.java:71)
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:853)
at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:139)
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:336)
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
at org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:116)
at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:50)
at org.apache.activemq.transport.vm.VMTransport.iterate(VMTransport.java:275)
at org.apache.activemq.thread.PooledTaskRunner.runTask(PooledTaskRunner.java:133)
at org.apache.activemq.thread.PooledTaskRunner$1.run(PooledTaskRunner.java:48)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
... 1 more
Everything works fine in rest, producing messages, consuming messages, connecting with the encrypted passwords from credentials-enc.properties to the queue.
The only problem is that I want to hide the clear text values from credentials.properties.
If the password is in clear text it works.
I'm using ActiveMQ 5.16.1 installed on a
Red Hat 6.6 linux server.
Does somebody know how to do this?
Thanks in advance!
I've tried encrypting it with jetty-util MD5 and jasypt. Neither works.
jms
activemq
securityexception
0 Answers
Your Answer