activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ARTEMIS-229) Additional address argument for validateUserAndRole
Date Fri, 25 Sep 2015 14:18:04 GMT

    [ https://issues.apache.org/jira/browse/ARTEMIS-229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14908077#comment-14908077
] 

ASF GitHub Bot commented on ARTEMIS-229:
----------------------------------------

Github user clebertsuconic commented on the pull request:

    https://github.com/apache/activemq-artemis/pull/175#issuecomment-143235768
  
    Looks good... I am not sure I like the name ActiveMQSecurityManager2 though...
    
    But I am failing to find a better one. I thought about 
    - ActiveMQSecurityManagerExt
    - ActiveMQSecurityManagerAddress
    - ActiveMQSecurityManagerV2   (this one probably makes it a better sense... the V makes
it clear it's a versioning thing, and we would deprecate the previous one)



> Additional address argument for validateUserAndRole
> ---------------------------------------------------
>
>                 Key: ARTEMIS-229
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-229
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: Broker
>            Reporter: Julian Scheid
>            Priority: Minor
>
> Making {{validateUserAndRole}} accept an extra {{address}} parameter and passing the
destination address in {{SecurityStoreImpl.check}} (along with changing the cache keys accordingly)
enables authorization schemes that take the destination address into account.
> To some degree this is already possible using the {{securityRepository}} but only for
a static list of roles and destinations, it doesn't work so well in an environment where e.g.
queues are created dynamically and need to be authorized based on the user's identity.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message