mirror of https://github.com/apache/activemq.git
https://issues.apache.org/activemq/browse/AMQ-2460 - improve encrypted passwords
git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@992251 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
db5ba04cd2
commit
8ef1d794f7
|
@ -21,15 +21,11 @@
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
|
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
|
||||||
|
|
||||||
<!-- Allows us to use encrypted system properties as variables in this configuration file -->
|
<!-- Allows us to use system properties as variables in this configuration file -->
|
||||||
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
|
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
|
||||||
<property name="algorithm" value="PBEWithMD5AndDES"/>
|
<property name="locations">
|
||||||
<property name="password" value="activemq"/>
|
<value>file:${activemq.base}/conf/credentials.properties</value>
|
||||||
</bean>
|
</property>
|
||||||
|
|
||||||
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
|
|
||||||
<constructor-arg ref="configurationEncryptor" />
|
|
||||||
<property name="location" value="file:${activemq.base}/conf/credentials.properties"/>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
## Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
## contributor license agreements. See the NOTICE file distributed with
|
||||||
|
## this work for additional information regarding copyright ownership.
|
||||||
|
## The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
## (the "License"); you may not use this file except in compliance with
|
||||||
|
## the License. You may obtain a copy of the License at
|
||||||
|
##
|
||||||
|
## http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
##
|
||||||
|
## Unless required by applicable law or agreed to in writing, software
|
||||||
|
## distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
## See the License for the specific language governing permissions and
|
||||||
|
## limitations under the License.
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# Defines credentials that will be used by components (like web console) to access the broker
|
||||||
|
|
||||||
|
activemq.username=system
|
||||||
|
activemq.password=ENC(mYRkg+4Q4hua1kvpCCI2hg==)
|
||||||
|
guest.password=ENC(Cf3Jf3tM+UrSOoaKU50od5CuBa8rxjoL)
|
|
@ -18,7 +18,5 @@
|
||||||
# Defines credentials that will be used by components (like web console) to access the broker
|
# Defines credentials that will be used by components (like web console) to access the broker
|
||||||
|
|
||||||
activemq.username=system
|
activemq.username=system
|
||||||
#activemq.password=manager
|
activemq.password=manager
|
||||||
activemq.password=ENC(mYRkg+4Q4hua1kvpCCI2hg==)
|
guest.password=password
|
||||||
#guest.password=password
|
|
||||||
guest.password=ENC(Cf3Jf3tM+UrSOoaKU50od5CuBa8rxjoL)
|
|
|
@ -21,15 +21,11 @@
|
||||||
|
|
||||||
<import resource="webconsole-query.xml"/>
|
<import resource="webconsole-query.xml"/>
|
||||||
|
|
||||||
<!-- Allows us to use encrypted system properties as variables in this configuration file -->
|
<!-- Allows us to use system properties as variables in this configuration file -->
|
||||||
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
|
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
|
||||||
<property name="algorithm" value="PBEWithMD5AndDES"/>
|
<property name="locations">
|
||||||
<property name="password" value="activemq"/>
|
<value>file:${activemq.base}/conf/credentials.properties</value>
|
||||||
</bean>
|
</property>
|
||||||
|
|
||||||
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
|
|
||||||
<constructor-arg ref="configurationEncryptor" />
|
|
||||||
<property name="location" value="file:${activemq.base}/conf/credentials.properties"/>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<!-- use the following bean for a local in-JVM broker -->
|
<!-- use the following bean for a local in-JVM broker -->
|
||||||
|
|
|
@ -25,15 +25,11 @@
|
||||||
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
|
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
|
||||||
">
|
">
|
||||||
|
|
||||||
<!-- Allows us to use encrypted system properties as variables in this configuration file -->
|
<!-- Allows us to use system properties as variables in this configuration file -->
|
||||||
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
|
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
|
||||||
<property name="algorithm" value="PBEWithMD5AndDES"/>
|
<property name="locations">
|
||||||
<property name="password" value="activemq"/>
|
<value>file:${activemq.base}/conf/credentials.properties</value>
|
||||||
</bean>
|
</property>
|
||||||
|
|
||||||
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
|
|
||||||
<constructor-arg ref="configurationEncryptor" />
|
|
||||||
<property name="location" value="file:${activemq.base}/conf/credentials.properties"/>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
|
<camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-command.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-command.xml to your command
|
||||||
|
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-command.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-command.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-demo.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-demo.xml to your command
|
||||||
|
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-demo.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-demo.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
|
@ -22,11 +22,11 @@
|
||||||
|
|
||||||
To run this example network of ActiveMQ brokers run
|
To run this example network of ActiveMQ brokers run
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-dynamic-network-broker1.xml
|
$ bin/activemq console xbean:conf/activemq-dynamic-network-broker1.xml
|
||||||
|
|
||||||
and
|
and
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-dynamic-network-broker2.xml
|
$ bin/activemq console xbean:conf/activemq-dynamic-network-broker2.xml
|
||||||
|
|
||||||
in separate consoles
|
in separate consoles
|
||||||
-->
|
-->
|
||||||
|
|
|
@ -22,11 +22,11 @@
|
||||||
|
|
||||||
To run this example network of ActiveMQ brokers run
|
To run this example network of ActiveMQ brokers run
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-dynamic-network-broker1.xml
|
$ bin/activemq console xbean:conf/activemq-dynamic-network-broker1.xml
|
||||||
|
|
||||||
and
|
and
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-dynamic-network-broker2.xml
|
$ bin/activemq console xbean:conf/activemq-dynamic-network-broker2.xml
|
||||||
|
|
||||||
in separate consoles
|
in separate consoles
|
||||||
-->
|
-->
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-jdbc.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-jdbc.xml to your command
|
||||||
|
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-jdbc.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-jdbc.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
e.g. ACTIVEMQ_OPTS="-Xmx1024M -Dorg.apache.activemq.UseDedicatedTaskRunner=false"
|
e.g. ACTIVEMQ_OPTS="-Xmx1024M -Dorg.apache.activemq.UseDedicatedTaskRunner=false"
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-scalability.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-scalability.xml to your command
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-scalability.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-scalability.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
|
@ -21,9 +21,13 @@
|
||||||
|
|
||||||
http://activemq.apache.org/security.html
|
http://activemq.apache.org/security.html
|
||||||
|
|
||||||
|
Beofre you can run this configuration, you need to set ACTIVEMQ_ENCRYPTION_PASSWORD environment variable, like
|
||||||
|
|
||||||
|
$ export ACTIVEMQ_ENCRYPTION_PASSWORD=activemq
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-security.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-security.xml to your command
|
||||||
|
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-security.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-security.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
@ -33,14 +37,18 @@
|
||||||
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
|
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
|
||||||
|
|
||||||
<!-- Allows us to use encrypted system properties as variables in this configuration file -->
|
<!-- Allows us to use encrypted system properties as variables in this configuration file -->
|
||||||
|
<bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
|
||||||
|
<property name="algorithm" value="PBEWithMD5AndDES" />
|
||||||
|
<property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
|
||||||
|
</bean>
|
||||||
|
|
||||||
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
|
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
|
||||||
<property name="algorithm" value="PBEWithMD5AndDES"/>
|
<property name="config" ref="environmentVariablesConfiguration" />
|
||||||
<property name="password" value="activemq"/>
|
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
|
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
|
||||||
<constructor-arg ref="configurationEncryptor" />
|
<constructor-arg ref="configurationEncryptor" />
|
||||||
<property name="location" value="file:${activemq.base}/conf/credentials.properties"/>
|
<property name="location" value="file:${activemq.base}/conf/credentials-enc.properties"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" destroyApplicationContextOnStop="true">
|
<broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" destroyApplicationContextOnStop="true">
|
||||||
|
|
|
@ -22,11 +22,11 @@
|
||||||
|
|
||||||
To run this example network of ActiveMQ brokers run
|
To run this example network of ActiveMQ brokers run
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-static-network-broker1.xml
|
$ bin/activemq console xbean:conf/activemq-static-network-broker1.xml
|
||||||
|
|
||||||
and
|
and
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-static-network-broker2.xml
|
$ bin/activemq console xbean:conf/activemq-static-network-broker2.xml
|
||||||
|
|
||||||
in separate consoles
|
in separate consoles
|
||||||
-->
|
-->
|
||||||
|
|
|
@ -22,11 +22,11 @@
|
||||||
|
|
||||||
To run this example network of ActiveMQ brokers run
|
To run this example network of ActiveMQ brokers run
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-static-network-broker1.xml
|
$ bin/activemq console xbean:conf/activemq-static-network-broker1.xml
|
||||||
|
|
||||||
and
|
and
|
||||||
|
|
||||||
$ bin/activemq xbean:conf/activemq-static-network-broker2.xml
|
$ bin/activemq console xbean:conf/activemq-static-network-broker2.xml
|
||||||
|
|
||||||
in separate consoles
|
in separate consoles
|
||||||
-->
|
-->
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
e.g. ACTIVEMQ_OPTS="-Xmx1024M -Dorg.apache.activemq.UseDedicatedTaskRunner=false"
|
e.g. ACTIVEMQ_OPTS="-Xmx1024M -Dorg.apache.activemq.UseDedicatedTaskRunner=false"
|
||||||
|
|
||||||
To run ActiveMQ with this configuration add xbean:conf/activemq-stomp.xml to your command
|
To run ActiveMQ with this configuration add xbean:conf/activemq-stomp.xml to your command
|
||||||
e.g. $ bin/activemq xbean:conf/activemq-stomp.xml
|
e.g. $ bin/activemq console xbean:conf/activemq-stomp.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
|
@ -20,6 +20,9 @@
|
||||||
|
|
||||||
For more information, see:
|
For more information, see:
|
||||||
http://activemq.apache.org/performance-tuning.html
|
http://activemq.apache.org/performance-tuning.html
|
||||||
|
|
||||||
|
To run ActiveMQ with this configuration add xbean:conf/activemq-throughput.xml to your command
|
||||||
|
e.g. $ bin/activemq console xbean:conf/activemq-throughput.xml
|
||||||
-->
|
-->
|
||||||
<beans
|
<beans
|
||||||
xmlns="http://www.springframework.org/schema/beans"
|
xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
|
Loading…
Reference in New Issue