Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-3798

JDBC XML config can't use custom password codec

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • AMQ 7.8.0.CR1
    • AMQ 7.7.0.GA
    • jdbc
    • None
    • Hide
      Previously, if you specified a masked password for the `jdbc-password` parameter and a custom codec for the `password-codec` parameter in your broker configuration, the broker always used the default `org.apache.activemq.artemis.utils.DefaultSensitiveStringCodec` codec to decode the password. This issue is now resolved.
      Show
      Previously, if you specified a masked password for the `jdbc-password` parameter and a custom codec for the `password-codec` parameter in your broker configuration, the broker always used the default `org.apache.activemq.artemis.utils.DefaultSensitiveStringCodec` codec to decode the password. This issue is now resolved.
    • Documented as Resolved Issue
    • Verified in a release

      When a custom password decoder class is specified in the password-codec tag, it doesn't work. It always uses the DefaultSensitiveStringCodec class for decoding the password.  

      The broker calls the parseStoreConfiguration((Element) storeTypeNodes.item(0), config); before reading the password-codec or mask-password so the codecClass is always null here:

        */
         public static String resolveMask(Boolean maskPassword, String password, String codecClass) throws Exception {
            String plainText = password;
            if (maskPassword == null) {
               if (isEncMasked(password)) {
                  //masked
                  String bareMaskedPassword = unwrap(password);
                  plainText = getCodec(codecClass).decode(bareMaskedPassword);
               }
            } else if (maskPassword) {
               plainText = getCodec(codecClass).decode(password);
            }
            return plainText;
         }
      
      
       if (storeTypeNodes.getLength() > 0) {
               parseStoreConfiguration((Element) storeTypeNodes.item(0), config);
            }
      
            config.setResolveProtocols(getBoolean(e, "resolve-protocols", config.isResolveProtocols()));
      
            config.setPersistenceEnabled(getBoolean(e, "persistence-enabled", config.isPersistenceEnabled()));
      
            config.setPersistDeliveryCountBeforeDelivery(getBoolean(e, "persist-delivery-count-before-delivery", config.isPersistDeliveryCountBeforeDelivery()));
      
            config.setScheduledThreadPoolMaxSize(getInteger(e, "scheduled-thread-pool-max-size", config.getScheduledThreadPoolMaxSize(), Validators.GT_ZERO));
      
            config.setThreadPoolMaxSize(getInteger(e, "thread-pool-max-size", config.getThreadPoolMaxSize(), Validators.MINUS_ONE_OR_GT_ZERO));
      
            config.setSecurityEnabled(getBoolean(e, "security-enabled", config.isSecurityEnabled()));
      
            config.setGracefulShutdownEnabled(getBoolean(e, "graceful-shutdown-enabled", config.isGracefulShutdownEnabled()));
      
            config.setGracefulShutdownTimeout(getLong(e, "graceful-shutdown-timeout", config.getGracefulShutdownTimeout(), Validators.MINUS_ONE_OR_GE_ZERO));
      
            config.setJMXManagementEnabled(getBoolean(e, "jmx-management-enabled", config.isJMXManagementEnabled()));
      
            config.setJMXDomain(getString(e, "jmx-domain", config.getJMXDomain(), Validators.NOT_NULL_OR_EMPTY));
      
            config.setJMXUseBrokerName(getBoolean(e, "jmx-use-broker-name", config.isJMXUseBrokerName()));
      
            config.setSecurityInvalidationInterval(getLong(e, "security-invalidation-interval", config.getSecurityInvalidationInterval(), Validators.GT_ZERO));
      
            config.setConnectionTTLOverride(getLong(e, "connection-ttl-override", config.getConnectionTTLOverride(), Validators.MINUS_ONE_OR_GT_ZERO));
      
            config.setEnabledAsyncConnectionExecution(getBoolean(e, "async-connection-execution-enabled", config.isAsyncConnectionExecutionEnabled()));
      
            config.setTransactionTimeout(getLong(e, "transaction-timeout", config.getTransactionTimeout(), Validators.GT_ZERO));
      
            config.setTransactionTimeoutScanPeriod(getLong(e, "transaction-timeout-scan-period", config.getTransactionTimeoutScanPeriod(), Validators.GT_ZERO));
      
            config.setMessageExpiryScanPeriod(getLong(e, "message-expiry-scan-period", config.getMessageExpiryScanPeriod(), Validators.MINUS_ONE_OR_GT_ZERO));
      
            config.setAddressQueueScanPeriod(getLong(e, "address-queue-scan-period", config.getAddressQueueScanPeriod(), Validators.MINUS_ONE_OR_GT_ZERO));
      
            config.setIDCacheSize(getInteger(e, "id-cache-size", config.getIDCacheSize(), Validators.GT_ZERO));
      
            config.setPersistIDCache(getBoolean(e, "persist-id-cache", config.isPersistIDCache()));
      
            config.setManagementAddress(new SimpleString(getString(e, "management-address", config.getManagementAddress().toString(), Validators.NOT_NULL_OR_EMPTY)));
      
            config.setManagementNotificationAddress(new SimpleString(getString(e, "management-notification-address", config.getManagementNotificationAddress().toString(), Validators.NOT_NULL_OR_EMPTY)));
      
            config.setMaskPassword(getBoolean(e, "mask-password", null));
      
            config.setPasswordCodec(getString(e, "password-codec", DefaultSensitiveStringCodec.class.getName(), Validators.NOT_NULL_OR_EMPTY));
      

              rhn-support-jbertram Justin Bertram
              rhn-support-adongre Avinash Dongre
              Oleg Sushchenko Oleg Sushchenko
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: