[
https://issues.apache.org/jira/browse/DISPATCH-1445?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953082#comment-16953082
]
ASF GitHub Bot commented on DISPATCH-1445:
------------------------------------------
bhardesty commented on pull request #587: DISPATCH-1445 - Modeled saslPassword
to be more or less in line with …
URL: https://github.com/apache/qpid-dispatch/pull/587#discussion_r335640689
##########
File path: python/qpid_dispatch/management/qdrouter.json
##########
@@ -1008,7 +1008,7 @@
"saslPassword": {
"type": "string",
"required": false,
- "description": "The password that the connector is using
to connect to a peer.",
+ "description": "The password that the connector is using
to connect to a peer. Supports three prefixes namely - env:, file:, pass:.
env:var obtains the password from the environment variable var. Since the
environment of other processes is visible on certain platforms (e.g. ps under
certain Unix OSes) this option should be used with caution. file:absolutepath
obtains the password from the absolute path of the file containing the
password. This option is the safest since permissions can be set on the file.
pass:password or password with no prefix is used to directly specify the
password and should only be used where security is not important",
Review comment:
It's never easy to describe multiple values in paragraph format, but I think
this works a bit better:
The password that the connector is using to connect to a peer. You can
specify the password by specifying an environment variable that stores the
password, a file that stores the password, or by entering the password in clear
text. To use an environment variable, specify "saslPassword:
env:<environment-variable>". Use this option with caution, because the
environment of other processes is visible on certain platforms (for example,
"ps" on certain Unix OSs). To use a file, specify "saslPassword:
file:<absolute-path-to-file>". This option is the most secure, because
permissions can be set on the file that contains the password. To specify the
password in clear text, specify "saslPassword: pass:<password>" or
"saslPassword: <password>". This option is insecure, so it should only be used
if security is not a concern.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Update saslPassword attribute in connector entity to use openssl style
> prefixes
> -------------------------------------------------------------------------------
>
> Key: DISPATCH-1445
> URL: https://issues.apache.org/jira/browse/DISPATCH-1445
> Project: Qpid Dispatch
> Issue Type: Improvement
> Components: Container
> Reporter: Ganesh Murthy
> Assignee: Ganesh Murthy
> Priority: Major
> Fix For: 1.10.0
>
>
> Modify the saslPassword attribute of the connector entity to use env: file:
> and pass: prefixes. Model this around the sslProfile's password field.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
