karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: Jaas and users.properties
Date Tue, 28 Apr 2015 16:37:21 GMT
Hi Xavier,

1/ correct
2/ the encryption is just for the Karaf PropertiesLoginModule (so 
basically the etc/users.properties). It doesn't affect other login modules.

Do you use StandardPBEStringEncryptor in ActiveMQ ?

Regards
JB

On 04/28/2015 06:22 PM, xav wrote:
> Hi all,
>
> I am disappointed !!! with the encrypt data and configuration file!!
> I have a bundle who try to establish a connection with activemq broker
> (5.9.0) inside karaf (2.3.9)
> If in this file org.apache.karaf.jaas.cfg I turn on the encrypt value
> encryption.enabled = true
> encryption.name =
>
> I have this code in my bundle connectionFactory.createConnection(user,
> password);
> it's works, but I must provide the password in clear,
> - first question:
> if I retrieve this password from a configuration file I must decrypt it
> before, and use it, in Karaf the EncryptionService does not provide this
> services, so I must doing the reverse than the BasicEncryption class does,
> isn't it ???
> - second question
> If I want to use jasypt encryption for jaas in karaf, I did this
> encryption.enabled = true
> encryption.name = jasypt
> But with activemq it's doesn't work, the authentication fail, I don't know
> where I put the configuration for jasypt, like:
> name="algorithm" value="PBEWithMD5AndDES"
> name="passwordEnvName" value="secret"
> and must I doing the same thing like the first question, i.e. using
> connectionFactory.createConnection(user, password); with a plain text
> password ??
> Must I decrypt it like jasypt cli:
>   decrypt input=YgWJNxz75OJJY...... password=secret
> algorithm=PBEWithMD5AndDES
>
> Thanks a lot for your help
>
> Regards
>
>
>
>
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Jaas-and-users-properties-tp4039414p4040047.html
> Sent from the Karaf - Dev mailing list archive at Nabble.com.
>

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Mime
View raw message