activemq-dev mailing list archives

From Lionel Cons
Subject Re: Security of the management interface
Date Mon, 30 May 2011 13:15:35 GMT
Hiram Chirino writes:
 > Now if you access:
 > /broker/config
 > That gives you the raw configuration file as it exists on disk without
 > any variable substitution performed.
 > So if you store passwords in the file, then they will get
 > transmitted.


I have the feeling that other parts of the configuration file can also
be sensitive. The <acl> elements for instance can tell you who can do
what on the broker.

IMHO, the access to the broker configuration as a whole is sensitive
enough to deserve a dedicated element controlling its authorization.


