activemq-dev mailing list archives

From Hiram Chirino <hi...@hiramchirino.com>
Subject Re: Security of the management interface
Date Wed, 18 May 2011 00:05:14 GMT
Good feedback.  Opened some issues to track.  Feel free to add more as
they come to mind.

https://issues.apache.org/jira/browse/APLO-11
https://issues.apache.org/jira/browse/APLO-12

Regards,
Hiram

FuseSource
Web: http://fusesource.com/

Connect at CamelOne May 24-26
The Open Source Integration Conference



On Tue, May 17, 2011 at 2:14 AM, Lionel Cons <lionel.cons@cern.ch> wrote:
> Hiram,
>
> First of all, thanks for starting to document the management interface. I
> hope you will add the missing bits (e.g. get/update apollo.xml, shutdown the
> broker...) soon.
>
> Here are some security-related comments.
>
> Since credentials will be given in the clear to the management interface (HTTP
> basic authentication), Apollo should support SSL encryption for it.
>
> The current authorization scheme (allow users defined in broker.admin to do
> everything) is not fine-grained enough. At minimum, there should be the
> possibility to have two different accesses: read-only (only get information
> without changing the broker state) and read-write (such as restarting the
> broker, changing its configuration, deleting a queue...). Note that the
> broker configuration is very sensitive since it may contain clear text
> passwords (e.g. <key_storage>) and security settings (who is allowed to do
> what).
>
> Maybe the management interface should have its own fine-grained access control
> (a bit like httpd) so that one can specify at the URL level who can do what?
>
> The management interface will probably be extended to include what the
> ActiveMQ web console provides today. If this is the case, actions such as
> browsing a queue, inspecting a message, sending a message, etc. should be
> controlled by the same per-destination ACLs used by the STOMP access.
>
> Cheers,
>
> Lionel
>
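
The URL-level, read-only versus read-write access control proposed in the quoted message could look like the following sketch. It is an added example, not part of the thread and not Apollo code. The URL paths, user names and role names are hypothetical, and treating configuration reads as admin-only is an assumption drawn from the remark that the configuration may contain clear text passwords.

```python
import posixpath
from fnmatch import fnmatchcase

# Constructed policy: paths, users and roles are hypothetical, not Apollo's
# real management API or configuration format.
READ, WRITE = "read", "write"
SAFE_METHODS = {"GET", "HEAD"}  # methods that do not change broker state

# First matching rule wins. Each rule: (URL pattern, {role: granted levels}).
RULES = [
    # Reading the config can expose cleartext passwords, so the read-only
    # role gets nothing here, not even GET.
    ("/config/*", {"admin": {READ, WRITE}}),
    ("/broker/*", {"admin": {READ, WRITE}, "monitor": {READ}}),
]
USER_ROLES = {"alice": "admin", "bob": "monitor"}  # constructed users


def authorize(user, method, path, secure):
    """Return (allowed, reason) for one management request.

    `path` is assumed to be already percent-decoded by the HTTP layer.
    """
    # Basic-auth credentials travel in the clear, so refuse non-TLS requests.
    if not secure:
        return False, "tls-required"
    role = USER_ROLES.get(user)
    if role is None:
        return False, "unknown-user"
    # Collapse "..", "." and duplicate slashes before matching, otherwise
    # /broker/../config/x would be judged by the /broker/* rule.
    path = "/" + posixpath.normpath(path).lstrip("/")
    needed = READ if method.upper() in SAFE_METHODS else WRITE
    for pattern, grants in RULES:
        if fnmatchcase(path, pattern):
            if needed in grants.get(role, set()):
                return True, f"{role}:{needed}"
            return False, f"{role}-lacks-{needed}"
    return False, "no-rule"  # default deny for URLs no rule covers


if __name__ == "__main__":
    for req in [("bob", "GET", "/broker/queues/a", True),
                ("bob", "DELETE", "/broker/queues/a", True),
                ("bob", "GET", "/broker/../config/apollo.xml", True)]:
        print(req, "->", authorize(*req))
```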
