My Oracle Support Banner

OSA Requires JMS Passwords In Cleartext (Doc ID 2298178.1)

Last updated on MARCH 04, 2019

Applies to:

Oracle Stream Analytics - Version 12.2.1.0.0 and later
Information in this document applies to any platform.

Goal

We are using JMS queues/topics in an OSA application. The configuration parameters that we specify for the applications are mentioned below:

JMS.jndiProviderUrl=t3://ip.ip.ip.ip:7001/
JMS.jndiFactory=weblogic.jndi.WLInitialContextFactory
JMS.user=weblogic
JMS.password=travel123
JMS.destination=ss/cmit_outAdmin

Inside the OSA application, we reference this configuration in the context.xml as below:


<wlevs:adapter id="JMS-Out-EP" provider="jms-outbound">
<wlevs:instance-property name="jndiProviderUrl" value="${JMS.jndiProviderUrl}"/>
<wlevs:instance-property name="user" value="${JMS.user}"/>
<wlevs:instance-property name="password" value="${JMS.password}"/>
<wlevs:instance-property name="destinationJndiName" value="${JMS.destination}"/>
<wlevs:instance-property name="jndiFactory" value="${JMS.jndiFactory}"/>
<wlevs:instance-property name="eventType" value="AnyEvent"/>
</wlevs:adapter>
  

  
  
  
As you can see above, the password for the jms is mentioned in cleartext. This is a high security risk. We need this password to be encrypted.

How to specify the jms password in encrypted form ?

What is the encryption length for the password?

What is the algorithm used in the encryption?

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.