Hi David, I was actually thinking containers such as WebSphere which allow JNDI objects to be securely stored by an administrator. Sounds like that might not be useful in your case though.
I don't know the best way of securely storing the connection URL in Synapse. Writing a custom JMSListener may be an option. You could try asking for advice on the Synapse mailing list. Finally, note that Qpid does support client SSL authentication. This may provide the level of security that you need. If you think this might be useful we can help you set it up. Incidentally, which version of the Qpid client and broker are you using? Phil On Dec 8, 2012 4:47 PM, <[email protected]> wrote: > Hi, Phil, > > Thanks for the info. > > We are trying to embed qpid in Synapse where qpid connection information > is stored in a property file in the format like - > > connectionfactory.QueueConnectionFactory = > amqp://user:password@clientID/test?brokerlist=... > > So what you mean is that we need to create customized listener to read > the property file and decrypt the password where the password can be > encrypted? > > It seems out of the box in Synapse, it uses > org.apache.axis2.transport.jms.JMSListener and there is no such an > option. > > Thanks, > David > > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Phil Harvey > Sent: Saturday, December 08, 2012 2:11 AM > To: [email protected] > Subject: Re: How to encrypt user password in connection url > > Hi David, > > I assume you're talking about encrypting the stored URL string, and not > about encrypting the details sent over the wire to the broker. I think > the only way to do this is to store it in a secure JNDI context, e.g. > one provided by a Java application server. This is in line with the > approach commonly taken for making JDBC connections from JEE apps. > > Phil > > > On 8 December 2012 00:27, <[email protected]> wrote: > > > ** > > Hi, Guys, > > > > Is there a way to encrypt password in the connection URL below? > > > > amqp://[<user>:<pass>@][<clientid>]<virtualhost>[..] > > > > David > > > > Visit our website at http://www.ubs.com > > > > This message contains confidential information and is intended only > > for the individual named. If you are not the named addressee you > > should not disseminate, distribute or copy this e-mail. Please notify > > > the sender immediately by e-mail if you have received this e-mail by > > mistake and delete this e-mail from your system. > > > > E-mails are not encrypted and cannot be guaranteed to be secure or > > error-free as information could be intercepted, corrupted, lost, > > destroyed, arrive late or incomplete, or contain viruses. The sender > > therefore does not accept liability for any errors or omissions in the > > > contents of this message which arise as a result of e-mail > transmission. > > If verification is required please request a hard-copy version. This > > message is provided for informational purposes and should not be > > construed as a solicitation or offer to buy or sell any securities or > > related financial instruments. > > > > > > UBS reserves the right to retain all messages. Messages are protected > > and accessed only in legally justified cases. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] For > > additional commands, e-mail: [email protected] > > > Visit our website at http://www.ubs.com > > This message contains confidential information and is intended only > for the individual named. If you are not the named addressee you > should not disseminate, distribute or copy this e-mail. Please > notify the sender immediately by e-mail if you have received this > e-mail by mistake and delete this e-mail from your system. > > E-mails are not encrypted and cannot be guaranteed to be secure or > error-free as information could be intercepted, corrupted, lost, > destroyed, arrive late or incomplete, or contain viruses. The sender > therefore does not accept liability for any errors or omissions in the > contents of this message which arise as a result of e-mail transmission. > If verification is required please request a hard-copy version. This > message is provided for informational purposes and should not be > construed as a solicitation or offer to buy or sell any securities > or related financial instruments. > > > UBS reserves the right to retain all messages. Messages are protected > and accessed only in legally justified cases. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
