apache · chris-joys · Sep 13, 2021 · mattrpav · Sep 21, 2021
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java b/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java
@@ -18,6 +18,7 @@
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
+import java.util.Properties;
 import java.util.Set;
 
 import javax.security.auth.Subject;
@@ -26,6 +27,7 @@
 import org.apache.activemq.broker.Broker;
 import org.apache.activemq.broker.ConnectionContext;
 import org.apache.activemq.command.ConnectionInfo;
+import org.apache.activemq.jaas.EncryptionSupport;
 import org.apache.activemq.jaas.JassCredentialCallbackHandler;
 
 /**
@@ -86,6 +88,10 @@ public void addConnection(ConnectionContext context, ConnectionInfo info) throws
     @Override
     public SecurityContext authenticate(String username, String password, X509Certificate[] certificates) throws SecurityException {
         SecurityContext result = null;
+        Properties prop = new Properties();
+    	prop.put(username, password);
+    	EncryptionSupport.decrypt(prop);
+    	password = prop.getProperty(username);
         JassCredentialCallbackHandler callback = new JassCredentialCallbackHandler(username, password);
         try {
             LoginContext lc = new LoginContext(jassConfiguration, callback);