Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Abandoned
-
5.11.1
-
None
-
None
-
ubuntu 64 bit server LTS 12.04
java version "1.7.0_07"
Java(TM) SE Runtime Environment (build 1.7.0_07-b10)
Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)
-
Patch Available
Description
decryption of password not working when using wrapper to start ActiveMQ.
The wrapper (bin/linux-x86-64/activemq) is configured to use a RUN_AS_USER=user.
To decrypt the password I am using the EnvironmentStringPBEConfig with an passwordEnvName.
When:
- login in as user, I can echo the variable given to EnvironmentStringPBEConfig.
- starting ActiveMQ vi sudo service activemq start, it stop immediately after this logging:
2015-04-09 12:18:04,851 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@3a510e91: startup date [Thu Apr 09 12:18:04 UTC 2015]; root of context hierarchy | org.apache.activemq.xbean.XBeanBrokerFactory$1 | WrapperSimpleAppMain 2015-04-09 12:18:06,617 | INFO | Loading properties file from URL [file:../../conf/credentials.properties] | org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer | WrapperSimpleAppMain
The issue is that when ActiveMQ is started via a soft link, it will first resolve himself with absolute path and then call himself again with absolute path using the su command.
The su command is not configured to load the RUN_AS_USER environment. It is missing the --logging option. Hence the variable defined in the user environment and passed in the passwordEnvName is not set.
Patch provided