Hello Artemis Users, We have a user that is using 2.21.0 of Artemis, and they are attempting to mask the password being used in login.properties. The password is to a LDAP server. When testing, and placing the password in plain text into the login.properties file, Artemis is able to authenticate no problem. This user would like to obfuscate the password in login.properties for security purposes, and ran the following command to generate a non-hashed masked password:
./artemis mask xyz The generated masked password was then placed into login.properties as follows: connectionPassword="ENC(maskofxyz)" When attempting to use the masked password, Artemis logs the following error in artemis.log: 2022-07-19 11:26:08,144 ERROR [org.apache.activemq.artemis.core.server] AMQ224084: Failed to open context: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563�] I researched this error which details that it's an authentication failure. We did notice the user had changed the name of the configuration for login to login.properties, and I am not finding any references to that file out there now. The documentation mentions that this technique works with login.config but does not mention login.properties. My question to the community, is simply does this feature work in 2.21.0 the way this user is intending it to work? Is there an issue with the fact that the config file is named login.properties instead of login.config? Can you possibly confirm if this is a known issue? Andrew Pomponio | Associate Enterprise Architect, OpenLogic<https://www.openlogic.com/?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2019-common&utm_content=email-signature-link> Perforce Software<http://www.perforce.com/?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> P: +1 612.517.2100 <tel:> Visit us on: LinkedIn<https://www.linkedin.com/company/perforce?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> | Twitter<https://twitter.com/perforce?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> | Facebook<https://www.facebook.com/perforce/?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> | YouTube<https://www.youtube.com/user/perforcesoftware?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> Coming in April: Use our new Community portal to submit/track support cases!<https://www.perforce.com/support/community-portal-faq?utm_source=sales-signature&utm_medium=email&utm_campaign=community-portal-faq&utm_content=resource?utm_leadsource=email-signature&utm_source=outlook-direct-email&utm_medium=email&utm_campaign=2021-common&utm_content=email-signature-link> This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.
