activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (ARTEMIS-229) Additional address argument for validateUserAndRole
Date Fri, 25 Sep 2015 14:18:04 GMT


ASF GitHub Bot commented on ARTEMIS-229:

Github user clebertsuconic commented on the pull request:
    Looks good... I am not sure I like the name ActiveMQSecurityManager2 though...
    But I am failing to find a better one. I thought about 
    - ActiveMQSecurityManagerExt
    - ActiveMQSecurityManagerAddress
    - ActiveMQSecurityManagerV2   (this one probably makes it a better sense... the V makes
it clear it's a versioning thing, and we would deprecate the previous one)

> Additional address argument for validateUserAndRole
> ---------------------------------------------------
>                 Key: ARTEMIS-229
>                 URL:
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: Broker
>            Reporter: Julian Scheid
>            Priority: Minor
> Making {{validateUserAndRole}} accept an extra {{address}} parameter and passing the
destination address in {{SecurityStoreImpl.check}} (along with changing the cache keys accordingly)
enables authorization schemes that take the destination address into account.
> To some degree this is already possible using the {{securityRepository}} but only for
a static list of roles and destinations, it doesn't work so well in an environment where e.g.
queues are created dynamically and need to be authorized based on the user's identity.

This message was sent by Atlassian JIRA

View raw message