[
https://issues.apache.org/jira/browse/AMQ-9746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nagaraju updated AMQ-9746:
--------------------------
Description:
We are currently configuring the *webconsole login* in ActiveMQ 6.1.7 using
{{EncryptedPropertiesLogin}} via JAAS, with {{users-enc.properties}} containing
encrypted passwords.

This configuration requires the use of the environment variable
{{ACTIVEMQ_ENCRYPTION_PASSWORD}}, which must currently be stored in
*plaintext* as either:
* A system environment variable
* A system property (e.g., via {{System.setProperty()}})

This approach raises *security concerns*, as the encryption key is exposed
in plaintext, especially when starting the broker via scripts or containerized
environments.

*login.config*
EncryptedPropertiesLogin {
    org.apache.activemq.jaas.PropertiesLoginModule required
    org.apache.activemq.jaas.properties.user="users-enc.properties"
    org.apache.activemq.jaas.properties.group="groups.properties"
    decrypt=true;
};

Is there a supported or recommended mechanism in ActiveMQ 6.1.7 to *avoid using
a plain-text encryption password* ({{ACTIVEMQ_ENCRYPTION_PASSWORD}})?

Specifically:
* Can we *store the encryption password securely in a file* (e.g.,
{{activemq_enc_pwd.properties}}) and have ActiveMQ or the JAAS module
*read and decrypt it at runtime*?
* Is it possible to plug in a custom {{StringPBEConfig}} implementation or
extend {{PropertiesLoginModule}} to load the encryption password
programmatically?

We would like to keep {{users-enc.properties}} encrypted for security, *without
exposing {{ACTIVEMQ_ENCRYPTION_PASSWORD}} in plain text* on disk or environment
variables.
> Request for Securing ACTIVEMQ_ENCRYPTION_PASSWORD in ActiveMQ 6.1.7
> WebConsole Configuration
> --------------------------------------------------------------------------------------------
>
> Key: AMQ-9746
> URL: https://issues.apache.org/jira/browse/AMQ-9746
> Project: ActiveMQ Classic
> Issue Type: Bug
> Components: Web Console
> Environment: h3. *ActiveMQ Version:*
> {{6.1.7}}
> Reporter: Nagaraju
> Priority: Major
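One way to narrow the exposure described in this issue, as an added example that is not part of the original report or of ActiveMQ's own scripts: a POSIX shell wrapper reads the key from an owner-only file and sets {{ACTIVEMQ_ENCRYPTION_PASSWORD}} for the broker process alone. The function names, the file path and the use of GNU {{stat}} are assumptions; the key remains readable by the file's owner and root, so this limits where it appears rather than encrypting it.

```shell
#!/bin/sh
# Added example (not ActiveMQ code). Assumes GNU stat; file path and broker
# command are supplied by the caller.

# check_secret_file FILE: succeed only for a regular, non-symlink file owned
# by the current user with mode 400 or 600.
check_secret_file() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "not a regular file: $f" >&2; return 1; }
    owner=$(stat -c '%u' "$f") || return 1
    mode=$(stat -c '%a' "$f") || return 1
    [ "$owner" = "$(id -u)" ] || { echo "unexpected owner on $f" >&2; return 2; }
    case $mode in
        400|600) return 0 ;;
        *) echo "mode $mode on $f is too permissive" >&2; return 3 ;;
    esac
}

# run_with_encryption_password FILE CMD [ARGS...]
# Runs CMD with ACTIVEMQ_ENCRYPTION_PASSWORD set in that one process's
# environment. The prefix-assignment form keeps the value out of argv (unlike
# `env VAR=value cmd`) and out of the calling shell's exported environment.
run_with_encryption_password() {
    secret_file=$1
    shift
    check_secret_file "$secret_file" || return $?
    pw=
    IFS= read -r pw < "$secret_file" || :   # tolerate a missing final newline
    [ -n "$pw" ] || { echo "empty secret in $secret_file" >&2; return 4; }
    ACTIVEMQ_ENCRYPTION_PASSWORD=$pw "$@"
    rc=$?
    unset pw
    return $rc
}

# Intended use (hypothetical paths):
#   run_with_encryption_password /etc/activemq/enc.key bin/activemq console
```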