activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Piotr Klimczak (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMQ-4693) Add kerberos [SASL] authentication for TCP connectors
Date Sun, 23 Jul 2017 19:36:00 GMT

    [ https://issues.apache.org/jira/browse/AMQ-4693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16097779#comment-16097779
] 

Piotr Klimczak commented on AMQ-4693:
-------------------------------------

Hi [~gtully]

If you are interested, I have created a prototype of SASL+GSS auth/encryption using NIO protocol:
https://github.com/PiotrKlimczak/activemq/commit/6b135f42999ce0ddfecc33bf493c8bce4a85fed0#diff-bd60bbebdd3a94f2ae6b59cf1a3f69ba

It is test passing and functional, however not PR ready as it requires some cleanup/reworking
(config params for example) which I am not planning to do as I was about to do prove of concept
only- unless any ActiveMQ commiter will ask me to do so, then I am happy to improve it.

This implementation is SASL using GSS only, however SASL is capable of doing multiple mechanisms,
see: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml
I would imaging supporting different mechanisms than GSS would require only few changes, like
different callbacks implementation, so this might be quite powerful approach and should be
closer to C/Linux world.

If you want me to do same in Artemis- but clean/PR/Merge ready, then let me know.

Cheers.

> Add kerberos [SASL] authentication for TCP connectors
> -----------------------------------------------------
>
>                 Key: AMQ-4693
>                 URL: https://issues.apache.org/jira/browse/AMQ-4693
>             Project: ActiveMQ
>          Issue Type: New Feature
>          Components: Broker
>    Affects Versions: 5.8.0
>         Environment: linux, solaris
>            Reporter: Bhanu
>            Priority: Minor
>             Fix For: Unscheduled
>
>
> Hi,
> Can kerberos based authentication be added to ActiveMQ's TCP connectors.
> Thanks,
> Bhanu



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message