From d166533f42db98ca1028e5007ee54905becd19a9 Mon Sep 17 00:00:00 2001
From: Clebert Suconic <clebertsuconic@apache.org>
Date: Tue, 17 Mar 2015 10:42:51 -0400
Subject: [PATCH] Doc changes and placing the main method back to
 DefaultSensitiveStringCodec

---
 .../utils/DefaultSensitiveStringCodec.java     | 18 ++++++++++++++++++
 docs/user-manual/en/configuration-index.md     |  8 +++++---
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/activemq-commons/src/main/java/org/apache/activemq/utils/DefaultSensitiveStringCodec.java b/activemq-commons/src/main/java/org/apache/activemq/utils/DefaultSensitiveStringCodec.java
index 1d17b2c735..fa0884fc3d 100644
--- a/activemq-commons/src/main/java/org/apache/activemq/utils/DefaultSensitiveStringCodec.java
+++ b/activemq-commons/src/main/java/org/apache/activemq/utils/DefaultSensitiveStringCodec.java
@@ -98,6 +98,24 @@ public class DefaultSensitiveStringCodec implements SensitiveDataCodec<String>
       }
    }
 
+   /**
+    * This main class is as documented on configuration-index.md, where the user can mask the password here. *
+    * @param args
+    * @throws Exception
+    */
+   public static void main(String[] args) throws Exception
+   {
+      if (args.length != 1)
+      {
+         System.err.println("Use: java -cp <classPath> org.apache.activemq.utils.DefaultSensitiveStringCodec password-to-encode");
+         System.err.println("Error: no password on the args");
+         System.exit(-1);
+      }
+      DefaultSensitiveStringCodec codec = new DefaultSensitiveStringCodec();
+      Object encode = codec.encode(args[0]);
+      System.out.println("Encoded password (without quotes): \"" + encode + "\"");
+   }
+
    private void updateKey(String key)
    {
       this.internalKey = key.getBytes();
diff --git a/docs/user-manual/en/configuration-index.md b/docs/user-manual/en/configuration-index.md
index 852def7cea..b083eec637 100644
--- a/docs/user-manual/en/configuration-index.md
+++ b/docs/user-manual/en/configuration-index.md
@@ -428,13 +428,15 @@ org.apache.activemq.utils.DefaultSensitiveStringCodec. It has both
 encoding and decoding capabilities. It uses java.crypto.Cipher utilities
 to encrypt (encode) a plaintext password and decrypt a mask string using
 same algorithm. Using this decoder/encoder is pretty straightforward. To
-get a mask for a password, just run the following in command line:
+get a mask for a password, just run the main class at org.apache.activemq.utils.DefaultSensitiveStringCodec.
+
+An easy way to do it is through activemq-tools-<VERSION>-jar-with-dependencies.jar since it has all the dependencies:
 
 ```sh
-    java org.apache.activemq.utils.DefaultSensitiveStringCodec "your plaintext password"
+    java -cp activemq-tools-6.0.0-jar-with-dependencies.jar org.apache.activemq.utils.DefaultSensitiveStringCodec "your plaintext password"
 ```
 
-Make sure the classpath is correct. You'll get something like
+If you don't want to use the jar-with-dependencies, make sure the classpath is correct. You'll get something like
 
 ```
     Encoded password: 80cf731af62c290