堆栈内存溢出
  繁体   English   中英

ActiveMQ 连接 URL 中的掩码密码

[英]Mask Password in ActiveMQ connection URL

 原文  2021-10-27 07:38:17       java/ spring-jms/ activemq-artemis

问题描述

我在 Spring 启动客户端上使用 JMS 通过 SSL 连接到 ActiveMQ Artemis 2.19.0 代理。

broker.xml我使用像ENC(32c6f67dae6cd61b0a7ad1702033aa81e6b2a760123f4360)这样的掩码密码而不是纯文本,它工作正常。

我尝试在我的 ActiveMQ 连接 URL 中使用相同的掩码密码而不是纯文本,如下面的代码所示,但它不起作用。 我正在使用此命令来屏蔽密码:

./artemis mask <plaintextPassword>

纯文本密码有效。

这是我配置连接工厂的代码:

ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(
        "(tcp://amq:61616)?" +
                "sslEnabled=true" +
                "&trustStorePath=" + trustStorePath + "&trustStorePassword=ENC(397e3aeeddf27c9783a3ab920d83e24da5b7d710df3b405f)"
);

我得到的错误:


2021-10-27 13:10:15.243  WARN 17748 --- [-netty-threads)] io.netty.channel.ChannelInitializer      : Failed to initialize a channel. Closing: [id: 0x07b0d96b]

java.io.IOException: keystore password was incorrect
        at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2116) ~[na:na]
        at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:243) ~[na:na]
        at java.base/java.security.KeyStore.load(KeyStore.java:1479) ~[na:na]
        at org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeystore(SSLSupport.java:224) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadTrustManagerFactory(SSLSupport.java:166) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadTrustManager(SSLSupport.java:195) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.createContext(SSLSupport.java:99) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector.loadJdkSslEngine(NettyConnector.java:624) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector.access$500(NettyConnector.java:124) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector$1.initChannel(NettyConnector.java:532) ~[artemis-core-client-2.6.4.jar!/:2.6.4]
        at io.netty.channel.ChannelInitializer.initChannel(ChannelInitializer.java:129) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.ChannelInitializer.handlerAdded(ChannelInitializer.java:112) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.AbstractChannelHandlerContext.callHandlerAdded(AbstractChannelHandlerContext.java:964) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.DefaultChannelPipeline.callHandlerAdded0(DefaultChannelPipeline.java:610) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.DefaultChannelPipeline.access$100(DefaultChannelPipeline.java:46) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.DefaultChannelPipeline$PendingHandlerAddedTask.execute(DefaultChannelPipeline.java:1474) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.DefaultChannelPipeline.callHandlerAddedForAllHandlers(DefaultChannelPipeline.java:1126) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.DefaultChannelPipeline.invokeHandlerAddedIfNeeded(DefaultChannelPipeline.java:651) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:503) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.AbstractChannel$AbstractUnsafe.access$200(AbstractChannel.java:416) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:475) ~[netty-transport-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:163) ~[netty-common-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:416) ~[netty-common-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:331) ~[netty-transport-native-epoll-4.1.39.Final-linux-x86_64.jar!/:4.1.39.Final]
        at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:918) ~[netty-common-4.1.39.Final.jar!/:4.1.39.Final]
        at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.39.Final.jar!/:4.1.39.Final]
        at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118) ~[artemis-commons-2.6.4.jar!/:2.6.4]
Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
        ... 27 common frames omitted

是否有其他方法可以在连接 URL 中使用掩码密码而不是纯文本?

1 个解决方案

解决方案1
 1  2021-10-27 19:59:52

ActiveMQ Artemis 客户端不支持复合 url 中的加密密码(tcp://amq:61616)? ,见ARTEMIS-3543 解决方法是避免碎片,即

ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(
    "tcp://amq:61616?" +
            "sslEnabled=true" +
            "&trustStorePath=" + trustStorePath + "&trustStorePassword=ENC(397e3aeeddf27c9783a3ab920d83e24da5b7d710df3b405f)"
);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ActiveMQ故障转移连接URL Blob消息的ActiveMQ连接网址 使用ActiveMQ JMS连接的用户名和密码 JDBC 连接 URL 中的用户名和密码 ActiveMQ 密码 EncryptionOperationNotPossibleExecption ActiveMQ连接被拒绝 ActiveMQ http连接被拒绝 ActiveMQ http连接错误 activemq故障转移连接不起作用 连接时ActiveMQ超时
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM