qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-6017) [Java Broker] Provide a mechanism by which "secure" attributes in the configuration can be encrypted
Date Tue, 19 Aug 2014 16:15:18 GMT

    [ https://issues.apache.org/jira/browse/QPID-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14102380#comment-14102380

ASF subversion and git services commented on QPID-6017:

Commit 1618892 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1618892 ]

QPID-6017 : [Java Broker] add tests for AESKeyFileEncrypterFactory

> [Java Broker] Provide a mechanism by which "secure" attributes in the configuration can
be encrypted
> ----------------------------------------------------------------------------------------------------
>                 Key: QPID-6017
>                 URL: https://issues.apache.org/jira/browse/QPID-6017
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Rob Godfrey
>            Assignee: Rob Godfrey
>             Fix For: 0.31
> Attributes in the configuration which contain confidential information such as passwords
are annotated as "secure" in their definition.  This is used to prevent their disclosure through
querying operations.  
> However it may be the case that this information needs to be encrypted even within the
configuration store.  In this case the key material needed to decrypt the confidential information
must be held outside the configuration mechanism (otherwise we are just shifting the problem
> Deployment environments may have site specific mechanisms my which encryption may occur,
so the encryption mechanism must be pluggable and configurable at the broker (and potentially
at the virtual host node) level.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message