activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dejan Bosanac <de...@nighttale.net>
Subject Re: BrokerFilter securing addBroker() via SSL certs?
Date Wed, 15 Dec 2010 11:07:01 GMT
Your case is supported. You need to authenticate both your brokers and
clients in the same way and then give them different privileges (using
authorization).

See http://activemq.apache.org/security.html for more information.

In the example I sent you earlier, there are no usernames and
passwords as the brokers are authenticated using their certificates (I
thought that's what you're trying to do).


Cheers
--
Dejan Bosanac
-----------------
FuseSource - The experts in open source integration and messaging.
Email: dejanb@fusesource.com
Web: http://fusesource.com
Twitter:  http://twitter.com/dejanb
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net



On Tue, Dec 14, 2010 at 6:55 PM, artnaseef
<Arthur.Naseef@ticketmaster.com> wrote:
>
> Can this solution meet all of my needs?  Let me clarify the needs.
>
> Authorized brokers must be distinguished from end-clients.  For example,
> some clients will be limited in which queues and topics they are allowed to
> access, which messages they may receive, and more.  On the other hand,
> authorized brokers connected to the network will always be allowed to access
> all queues and topics (at least, in the current design).
>
> In addition, a separate system maintains the end-client permissions based on
> information in the SSL certificate (DN).
>
> Are user/password credentials applied to distinguish brokers?  I'm not
> seeing user/password credentials in the test.
>
> If the JAAS plugin can meet my needs, that would be great.
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/BrokerFilter-securing-addBroker-via-SSL-certs-tp3086239p3087621.html
> Sent from the ActiveMQ - Dev mailing list archive at Nabble.com.
>

Mime
View raw message