[
https://issues.apache.org/jira/browse/QPID-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14101965#comment-14101965
]
ASF subversion and git services commented on QPID-6017:
-------------------------------------------------------
Commit 1618815 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1618815 ]
QPID-6017 : [Jaa Broker] Provide a mechanism by which "secure" attributes in
the configuration can be encrypted
> [Java Broker] Provide a mechanism by which "secure" attributes in the
> configuration can be encrypted
> ----------------------------------------------------------------------------------------------------
>
> Key: QPID-6017
> URL: https://issues.apache.org/jira/browse/QPID-6017
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Rob Godfrey
> Assignee: Rob Godfrey
>
> Attributes in the configuration which contain confidential information such
> as passwords are annotated as "secure" in their definition. This is used to
> prevent their disclosure through querying operations.
> However it may be the case that this information needs to be encrypted even
> within the configuration store. In this case the key material needed to
> decrypt the confidential information must be held outside the configuration
> mechanism (otherwise we are just shifting the problem around).
> Deployment environments may have site specific mechanisms my which encryption
> may occur, so the encryption mechanism must be pluggable and configurable at
> the broker (and potentially at the virtual host node) level.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
