Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-6017

[Java Broker] Provide a mechanism by which "secure" attributes in the configuration can be encrypted

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.30
    • Component/s: Broker-J
    • Labels:
      None

      Description

      Attributes in the configuration which contain confidential information such as passwords are annotated as "secure" in their definition. This is used to prevent their disclosure through querying operations.

      However it may be the case that this information needs to be encrypted even within the configuration store. In this case the key material needed to decrypt the confidential information must be held outside the configuration mechanism (otherwise we are just shifting the problem around).

      Deployment environments may have site specific mechanisms my which encryption may occur, so the encryption mechanism must be pluggable and configurable at the broker (and potentially at the virtual host node) level.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rgodfrey Robert Godfrey
                Reporter:
                rgodfrey Robert Godfrey
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: