activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Justin Reock (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMQ-5236) Shiro Authentication and Authorization for ActiveMQ's Jetty Instance
Date Thu, 19 Jun 2014 19:08:25 GMT
Justin Reock created AMQ-5236:
---------------------------------

             Summary: Shiro Authentication and Authorization for ActiveMQ's Jetty Instance
                 Key: AMQ-5236
                 URL: https://issues.apache.org/jira/browse/AMQ-5236
             Project: ActiveMQ
          Issue Type: New Feature
          Components: webconsole
    Affects Versions: 5.10.0
         Environment: Any
            Reporter: Justin Reock
            Priority: Minor
             Fix For: Unscheduled


Shiro support for Authentication and Authorization was added to the ActiveMQ 5.10.0 release.
 Though the documentation states "The ActiveMQ Shiro plugin can secure all aspects of ActiveMQ,"
significant work must be done to enable support for authenticating into the web console, jolokia,
and anything else hosted by jetty in the broker.

The jetty-realm.properties file is still authoritative, and the jetty.xml configuration creates
a security handler and loginService which will have to be undone to allow Shiro to be authoritative.
 

My initial thought is to remove this authentication, and alter the web.xml files of the existing
webapps to use Shiro Filters, though this course of action may change as more research is
performed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message