activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chir...@apache.org
Subject [2/2] git commit: Implements AMQ-5123: Optionally support encrypted passwords in ActiveMQ users.properties file.
Date Thu, 27 Mar 2014 17:10:51 GMT
Implements AMQ-5123: Optionally support encrypted passwords in ActiveMQ users.properties file.

Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/5da7ab3c
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/5da7ab3c
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/5da7ab3c

Branch: refs/heads/trunk
Commit: 5da7ab3c0ee027a29c328e48614ffe1a69401577
Parents: bc47020
Author: Hiram Chirino <hiram@hiramchirino.com>
Authored: Thu Mar 27 13:10:28 2014 -0400
Committer: Hiram Chirino <hiram@hiramchirino.com>
Committed: Thu Mar 27 13:10:28 2014 -0400

----------------------------------------------------------------------
 .../console/command/DecryptCommand.java         |  6 ++-
 .../console/command/EncryptCommand.java         |  6 ++-
 .../activemq/console/command/ShellCommand.java  | 15 +++++-
 activemq-jaas/pom.xml                           |  5 ++
 .../apache/activemq/jaas/EncryptionSupport.java | 52 ++++++++++++++++++++
 .../activemq/jaas/PrincipalProperties.java      |  4 ++
 6 files changed, 84 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-console/src/main/java/org/apache/activemq/console/command/DecryptCommand.java
----------------------------------------------------------------------
diff --git a/activemq-console/src/main/java/org/apache/activemq/console/command/DecryptCommand.java
b/activemq-console/src/main/java/org/apache/activemq/console/command/DecryptCommand.java
index 6ba22d3..6757786 100644
--- a/activemq-console/src/main/java/org/apache/activemq/console/command/DecryptCommand.java
+++ b/activemq-console/src/main/java/org/apache/activemq/console/command/DecryptCommand.java
@@ -27,7 +27,8 @@ public class DecryptCommand extends EncryptCommand {
             "Description: Decrypts given text.",
             "", 
             "Encrypt Options:",
-            "    --password <password>      Password to be used by the encryptor.",
+            "    --password <password>      Password to be used by the encryptor. 
Defaults to",
+            "                               the value in the ACTIVEMQ_ENCRYPTION_PASSWORD
env variable.",
             "    --input <input>            Text to be encrypted.",
             "    --version                  Display the version information.",
             "    -h,-?,--help               Display the stop broker help information.",
@@ -46,6 +47,9 @@ public class DecryptCommand extends EncryptCommand {
 
     @Override
     protected void runTask(List<String> tokens) throws Exception {
+        if( password == null ) {
+            password = System.getenv("ACTIVEMQ_ENCRYPTION_PASSWORD");
+        }
         if (password == null || input == null) {
             context.printException(new IllegalArgumentException("input and password parameters
are mandatory"));
             return;

http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-console/src/main/java/org/apache/activemq/console/command/EncryptCommand.java
----------------------------------------------------------------------
diff --git a/activemq-console/src/main/java/org/apache/activemq/console/command/EncryptCommand.java
b/activemq-console/src/main/java/org/apache/activemq/console/command/EncryptCommand.java
index 6d8172d..ce61ee0 100644
--- a/activemq-console/src/main/java/org/apache/activemq/console/command/EncryptCommand.java
+++ b/activemq-console/src/main/java/org/apache/activemq/console/command/EncryptCommand.java
@@ -27,7 +27,8 @@ public class EncryptCommand extends AbstractCommand {
             "Description: Encrypts given text.",
             "", 
             "Encrypt Options:",
-            "    --password <password>      Password to be used by the encryptor.",
+            "    --password <password>      Password to be used by the encryptor. 
Defaults to",
+            "                               the value in the ACTIVEMQ_ENCRYPTION_PASSWORD
env variable.",
             "    --input <input>            Text to be encrypted.",
             "    --version                  Display the version information.",
             "    -h,-?,--help               Display the stop broker help information.",
@@ -55,6 +56,9 @@ public class EncryptCommand extends AbstractCommand {
 
     @Override
     protected void runTask(List<String> tokens) throws Exception {
+        if( password == null ) {
+            password = System.getenv("ACTIVEMQ_ENCRYPTION_PASSWORD");
+        }
         if (password == null || input == null) {
             context.printException(new IllegalArgumentException("input and password parameters
are mandatory"));
             return;

http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-console/src/main/java/org/apache/activemq/console/command/ShellCommand.java
----------------------------------------------------------------------
diff --git a/activemq-console/src/main/java/org/apache/activemq/console/command/ShellCommand.java
b/activemq-console/src/main/java/org/apache/activemq/console/command/ShellCommand.java
index 6c5ccd9..10074aa 100644
--- a/activemq-console/src/main/java/org/apache/activemq/console/command/ShellCommand.java
+++ b/activemq-console/src/main/java/org/apache/activemq/console/command/ShellCommand.java
@@ -157,9 +157,20 @@ public class ShellCommand extends AbstractCommand {
 
     ArrayList<Command> getCommands() {
         ServiceLoader<Command> loader = ServiceLoader.load(Command.class);
+        Iterator<Command> iterator = loader.iterator();
         ArrayList<Command> rc = new ArrayList<Command>();
-        for( Command command: loader ) {
-            rc.add(command);
+        boolean done = false;
+        while (!done) {
+            try {
+                if( iterator.hasNext() ) {
+                    rc.add(iterator.next());
+                } else {
+                    done = true;
+                }
+            } catch (ServiceConfigurationError e) {
+                // it's ok, some commands may not load if their dependencies
+                // are not available.
+            }
         }
         return rc;
     }

http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-jaas/pom.xml
----------------------------------------------------------------------
diff --git a/activemq-jaas/pom.xml b/activemq-jaas/pom.xml
index 2197e3e..d6488d5 100644
--- a/activemq-jaas/pom.xml
+++ b/activemq-jaas/pom.xml
@@ -105,5 +105,10 @@
       <artifactId>slf4j-log4j12</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.jasypt</groupId>
+      <artifactId>jasypt</artifactId>
+      <optional>true</optional>
+    </dependency>
   </dependencies>
 </project>

http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-jaas/src/main/java/org/apache/activemq/jaas/EncryptionSupport.java
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/main/java/org/apache/activemq/jaas/EncryptionSupport.java b/activemq-jaas/src/main/java/org/apache/activemq/jaas/EncryptionSupport.java
new file mode 100644
index 0000000..22d6494
--- /dev/null
+++ b/activemq-jaas/src/main/java/org/apache/activemq/jaas/EncryptionSupport.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.jaas;
+
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig;
+import org.jasypt.properties.PropertyValueEncryptionUtils;
+
+import java.util.ArrayList;
+import java.util.Properties;
+
+/**
+ * Holds utility methods used work with encrypted values.
+ */
+public class EncryptionSupport {
+
+    static public void decrypt(Properties props) {
+        StandardPBEStringEncryptor encryptor = createEncryptor();
+        for (Object k : new ArrayList(props.keySet())) {
+            String key = (String) k;
+            String value = props.getProperty(key);
+            if (PropertyValueEncryptionUtils.isEncryptedValue(value)) {
+                value = PropertyValueEncryptionUtils.decrypt(value, encryptor);
+                props.setProperty(key, value);
+            }
+        }
+
+    }
+    public static StandardPBEStringEncryptor createEncryptor() {
+        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
+        EnvironmentStringPBEConfig config = new EnvironmentStringPBEConfig();
+        config.setAlgorithm("PBEWithMD5AndDES");
+        config.setPasswordEnvName("ACTIVEMQ_ENCRYPTION_PASSWORD");
+        encryptor.setConfig(config);
+        return encryptor;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/activemq/blob/5da7ab3c/activemq-jaas/src/main/java/org/apache/activemq/jaas/PrincipalProperties.java
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/main/java/org/apache/activemq/jaas/PrincipalProperties.java
b/activemq-jaas/src/main/java/org/apache/activemq/jaas/PrincipalProperties.java
index 601d0cc..3ff623c 100644
--- a/activemq-jaas/src/main/java/org/apache/activemq/jaas/PrincipalProperties.java
+++ b/activemq-jaas/src/main/java/org/apache/activemq/jaas/PrincipalProperties.java
@@ -64,4 +64,8 @@ class PrincipalProperties {
             in.close();
         }
     }
+
+    Properties getPrincipals() {
+        return principals;
+    }
 }


Mime
View raw message