Hi @All/Justin,

I have deployed ActiveMQ Artemis 2.34.0 in my prod environment, but this
has been flagged by auditors for exposing web console credentials (mostly
concerned with the password) when the web browser request payload is captured
by Burp Suite or browser developer tools. See sample screenshot below.

[image: amqscreenshot.png]

Is there a way I can set up the Artemis web application to encrypt the
credentials before placing them in the request payload and sending in
plain-text?
Alternatively, is there a way to configure Artemis to use federated identity
like Azure Entra ID or authentication redirect to Azure, instead of using
basic authentication of username and password?

Kindly note SSL is already configured, but this is only encrypting the
traffic in transit; at the web browser the traffic is visible.

Regards,
Shirley
Platform Engineer
