activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antoine Wils (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMQ-5715) ActiveMQ cannot load decryption password from environment variable
Date Thu, 09 Apr 2015 12:54:12 GMT
Antoine Wils created AMQ-5715:
---------------------------------

             Summary: ActiveMQ cannot load decryption password from environment variable
                 Key: AMQ-5715
                 URL: https://issues.apache.org/jira/browse/AMQ-5715
             Project: ActiveMQ
          Issue Type: Bug
          Components: Distribution
    Affects Versions: 5.11.1
         Environment: ubuntu 64 bit server LTS 12.04

java version "1.7.0_07"
Java(TM) SE Runtime Environment (build 1.7.0_07-b10)
Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)

            Reporter: Antoine Wils
            Priority: Minor


decryption of password not working when using wrapper to start ActiveMQ.

The wrapper (bin/linux-x86-64/activemq) is configured to use a RUN_AS_USER=user.
To decrypt the password I am using the EnvironmentStringPBEConfig with an passwordEnvName.

When login in as user, I can echo the variable given to EnvironmentStringPBEConfig.
When starting ActiveMQ vi sudo service activemq start, it stop immediately after this logging:
2015-04-09 12:18:04,851 | INFO  | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@3a510e91:
startup date [Thu Apr 09 12:18:04 UTC 2015]; root of context hierarchy | org.apache.activemq.xbean.XBeanBrokerFactory$1
| WrapperSimpleAppMain
2015-04-09 12:18:06,617 | INFO  | Loading properties file from URL [file:../../conf/credentials.properties]
| org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer | WrapperSimpleAppMain

The issue is that when ActiveMQ is started via a soft link, it will first resolve himself
with absolute path and then call himself again with absolute path using the *su* command.
The *su* command is not configured to load the RUN_AS_USER environment. It is missing the
*--logging* option. Hence the variable defined in the user environment and passed in the passwordEnvName
is not set.

Patch provided



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message