Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-26

Artemis users | HawTIO security - Password in plaintext

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • A-MQ 7.0.0.ER13
    • None
    • None

    • jamq 7.0.0.ER2

    • Documentation (Ref Guide, User Guide, etc.)

      If an instance it's created password is saved in file etc/artemis-users.properties in plaintext form. 

      admin:password123

      Result:
      Please make password like hash for example with bcrypt or PBKDF2WithHmacSHA1.

      admin:$2a$04$JlTbeko1aDdVEvFd7G/DdO6W6VDGa8RuOtbT1YnP5NnJqqsE/q/7a

      Useful links:
      https://github.com/jeremyh/jBCrypt
      https://www.owasp.org/index.php/Hashing_Java

              gaohoward Howard Gao
              dlenoch@redhat.com Dominik Lenosi (Inactive)
              Dominik Lenosi Dominik Lenosi (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: