Dear Community I tried to setup my ActiveMQ broker with authentication which is working fine. But for productive usage I would like to encrypt plain passwords in the property files. I used the following guides:
https://activemq.apache.org/components/classic/documentation/security https://activemq.apache.org/components/classic/documentation/encrypted-passwords The user setup with encrypted passwords is working now for the broker but not for the web-based services like /admin or /api. After long reading I've only found the possibility to use the old approach from ActiveMQ v5x using jetty-realm.properties which supports encrypted passwords via Jetty's Password Utilility. At the moment it seems when using encrypted passwords that I have to maintain 2 files in parallel with users and also different encryption algorithms. One for the broker and one for the web-based services. Is it somehow possible to use the same User/Groups from the broker also for the web-based services when using password encryption in file credentials-enc.properties? I don't want to configure 2 files. Additionally I am not happy with insecure hashes from Jetty Utility (OBF / MD5 / CRYPT). I look forward to your feedback. Best regards Martin
