Return-Path: <commits-return-45512-archive-asf-public=cust-asf.ponee.io@activemq.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 9104E200C33
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri, 24 Feb 2017 16:53:56 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 8FC26160B5C; Fri, 24 Feb 2017 15:53:56 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id DCA6B160B69
	for <archive-asf-public@cust-asf.ponee.io>; Fri, 24 Feb 2017 16:53:55 +0100 (CET)
Received: (qmail 38196 invoked by uid 500); 24 Feb 2017 15:53:55 -0000
Mailing-List: contact commits-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@activemq.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@activemq.apache.org>
List-Post: <mailto:commits@activemq.apache.org>
List-Id: <commits.activemq.apache.org>
Reply-To: dev@activemq.apache.org
Delivered-To: mailing list commits@activemq.apache.org
Received: (qmail 38103 invoked by uid 99); 24 Feb 2017 15:53:55 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Feb 2017 15:53:55 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id DE0C6DFD9E; Fri, 24 Feb 2017 15:53:54 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: clebertsuconic@apache.org
To: commits@activemq.apache.org
Date: Fri, 24 Feb 2017 15:53:54 -0000
Message-Id: <059a2100f9e14cbd9e77af6aa4a937c3@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [1/2] activemq-artemis git commit: [docs] migration guide -
 authentication
archived-at: Fri, 24 Feb 2017 15:53:56 -0000

Repository: activemq-artemis
Updated Branches:
  refs/heads/master 229797d15 -> 54a11f023


[docs] migration guide - authentication


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/31ffb205
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/31ffb205
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/31ffb205

Branch: refs/heads/master
Commit: 31ffb205c1921be58b2a50caab7232b4307589e8
Parents: 229797d
Author: Dejan Bosanac <dejan@nighttale.net>
Authored: Fri Feb 24 13:40:14 2017 +0100
Committer: Clebert Suconic <clebertsuconic@apache.org>
Committed: Fri Feb 24 10:52:23 2017 -0500

----------------------------------------------------------------------
 docs/migration-guide/en/SUMMARY.md        |  1 +
 docs/migration-guide/en/authentication.md | 22 ++++++++++++++++++++++
 2 files changed, 23 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/31ffb205/docs/migration-guide/en/SUMMARY.md
----------------------------------------------------------------------
diff --git a/docs/migration-guide/en/SUMMARY.md b/docs/migration-guide/en/SUMMARY.md
index 731c94b..a0bc705 100644
--- a/docs/migration-guide/en/SUMMARY.md
+++ b/docs/migration-guide/en/SUMMARY.md
@@ -3,4 +3,5 @@
 * [Configuration](configuration.md)
 * [Connectors](connectors.md)
 * [Destinations](destinations.md)
+* [Authentication](authentication.md)
 * [Legal Notice](notice.md)

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/31ffb205/docs/migration-guide/en/authentication.md
----------------------------------------------------------------------
diff --git a/docs/migration-guide/en/authentication.md b/docs/migration-guide/en/authentication.md
new file mode 100644
index 0000000..35fe088
--- /dev/null
+++ b/docs/migration-guide/en/authentication.md
@@ -0,0 +1,22 @@
+Authentication
+=====================================
+
+Now that we have our acceptors and addresses ready, it's time to deal with broker security. Artemis inherited most of the security concepts from ActiveMQ. One of the most notable differences is that ActiveMQ *groups* are now called *roles* in Artemis. Besides that things should be pretty familiar to existing ActiveMQ users. Let's start by looking into the authentication mechanisms and defining users and roles (groups).
+ 
+ Both ActiveMQ and Artemis use JAAS to define authentication credentials. In ActiveMQ, that's configured through the appropriate broker plugin in `conf/activemq.xml`
+
+    <plugins>
+      <jaasAuthenticationPlugin configuration="activemq" />
+    </plugins>
+    
+The name of the JAAS domain is specified as a configuration parameter.    
+    
+In Artemis, the same thing is achieved by defining `<jaas-security>` configuration in `etc/bootstrap.xml`
+
+    <jaas-security domain="activemq"/>
+    
+From this point on, you can go and define your users and their roles in appropriate files, like `conf/users.properties` and `conf/groups.properties` in ActiveMQ. Similarly, `etc/artemis-users.properties` and `etc/artemis-roles.properties` files are used in Artemis. These files are intechangable, so you should be able to just copy your existing configuration over to the new broker. 
+
+If your deployment is more complicated that this and requires some advanced JAAS configuration, you'll need go and change the `etc/login.config` file. It's important to say that all custom JAAS modules and configuration you were using in ActiveMQ should be compatible with Artemis.
+
+Finally, in case you're still using ActiveMQ's *Simple Authentication Plugin*, which defines users and groups directly in the broker's xml configuration file, you'll need to migrate to JAAS as Artemis doesn't support the similar concept.
\ No newline at end of file