Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-2628

Ensure sensitive credentials are not logged in plain text

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • AMQ 7.4.1.GA
    • AMQ 7.3.0.GA, AMQ 7.4.0.CR2
    • container image
    • None
    • 2
    • AMQ Broker 2919, ignore

    Description

      At the moment the way that the user and cluster user credentials are configured is to pass them to the artemis create command which gets logged in full as per this example:

      Configuring Broker
Broker will be clustered
Creating Broker with args --silent --role admin --name amq-broker --http-host example-activemqartemis-ss-1 --java-options=-Djava.net.preferIPv4Stack=true  --user admin --password admin  --allow-anonymous --data /opt/example-activemqartemis/data --no-autotune --clustered --cluster-user=clusterpoduser --cluster-password=clusterpodpassword --host example-activemqartemis-ss-1

      Here we can see the --password XXXXX and --cluster-password YYYYY passed in the clear.

      Attachments

        Issue Links

          duplicates

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. ENTMQBR-2183 Hide password from default amq image logs when pod is created

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed
          is related to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. ENTMQBR-2629 Ensure sensitive credentials are stored in kubernetes secrets

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Task - Represents a small unit of work that is not end-user facing. ENTMQBR-2830 Documentation: Ensure sensitive credentials are stored in kubernetes secrets

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              gaohoward Howard Gao
              rhn-support-rkieley Roderick Kieley
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: