activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hiram Chirino <>
Subject Re: Security of the management interface
Date Thu, 19 May 2011 00:28:00 GMT
I've just deployed a new snapshot of apollo which should also setup an
https port so that you can use the rest interface without transmitting
passwords in the clear.  Still working on the fine grained
authorization roles.



Connect at CamelOne May 24-26
The Open Source Integration Conference

On Tue, May 17, 2011 at 2:14 AM, Lionel Cons <> wrote:
> Hiram,
> First of all, thanks for starting to document the management interface. I
> hope you will add the missing bits (e.g. get/update apollo.xml, shutdown the
> broker...) soon.
> Here are some security related comments.
> Since credentials will be given in clear to the management interface (HTTP
> basic authentication), Apollo should support SSL encryption for it.
> The current authorization scheme (allow users defined in broker.admin to do
> everything) is not fine grain enough. At minimum, there should be the
> possibility to have two different accesses: read-only (only get information
> without changing the broker state) and read-write (such as restarting the
> broker, changing its configuration, deleting a queue...). Note that the
> broker configuration is very sensitive since it may contain clear text
> passwords (e.g. <key_storage>) and security settings (who is allowed to do
> what).
> Maybe the management interface should have its own fine grain access control
> (a bit like httpd) so that one can specify at the URL level who can do what?
> The management interface will probably be extended to include what the
> ActiveMQ web console provides today. If this is the case, actions such as
> browsing a queue, inspecting a message, sending a message, etc. should be
> controlled by the same per destination ACLs used by the STOMP access.
> Cheers,
> Lionel

View raw message