Return-Path: 
 <activemq-users-return-2757-apmail-geronimo-activemq-users-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-activemq-users-archive@www.apache.org
Received: (qmail 38730 invoked from network); 12 Jul 2006 18:16:13 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 12 Jul 2006 18:16:13 -0000
Received: (qmail 86847 invoked by uid 500); 12 Jul 2006 18:16:12 -0000
Delivered-To: apmail-geronimo-activemq-users-archive@geronimo.apache.org
Received: (qmail 86830 invoked by uid 500); 12 Jul 2006 18:16:12 -0000
Mailing-List: contact activemq-users-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:activemq-users-help@geronimo.apache.org>
List-Unsubscribe: <mailto:activemq-users-unsubscribe@geronimo.apache.org>
List-Post: <mailto:activemq-users@geronimo.apache.org>
List-Id: <activemq-users.geronimo.apache.org>
Reply-To: activemq-users@geronimo.apache.org
Delivered-To: mailing list activemq-users@geronimo.apache.org
Received: (qmail 86821 invoked by uid 99); 12 Jul 2006 18:16:12 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Jul 2006 11:16:12 -0700
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Received: from [80.254.111.197] (HELO bercut.donpac.ru) (80.254.111.197)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Jul 2006 11:16:10 -0700
Received: from [192.168.47.2] (unknown [192.168.47.2])
	by bercut.donpac.ru (Postfix) with ESMTP id 22D36406F
	for <activemq-users@geronimo.apache.org>;
 Wed, 12 Jul 2006 22:15:45 +0400 (MSD)
Message-ID: <44B53C52.6090303@stc.donpac.ru>
Date: Wed, 12 Jul 2006 22:15:46 +0400
From: Eugene Prokopiev <prokopiev@stc.donpac.ru>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ru-RU; rv:1.7.2) Gecko/20040808
X-Accept-Language: ru-ru, ru
MIME-Version: 1.0
To: activemq-users@geronimo.apache.org
Subject: Re: Advanced authentication and authorization scenario
References: <44B4D919.1020708@stc.donpac.ru>
 <ec6e67fd0607120421k273aa50bk7af6cb1c415554c@mail.gmail.com>
In-Reply-To: <ec6e67fd0607120421k273aa50bk7af6cb1c415554c@mail.gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

> You could reuse the AuthorizationPlugin/AuthorizationBroker and just
> implement your own AuthorizationMap 

Thanks, it's very interesting idea ...

> - or just write your own broker
> interceptor and override the methods that the AuthorizationBroker does
> to add security checks to the broker however you wish.
> 
>>  Can I
>> implement only one class for intercept sending and recieving events with
>> user/group info and raise authentication exception if needed?
>>  Need I use
>> something like BrokerFilter and override some methods from it? How can I
>> turn on my descendant of BrokerFilter for existing broker in this case?
>> Can anybody give me a simple example?
> 
> 
> Yes
> 
> BTW take a look at how the logging interceptor is written; combining
> the BrokerFilter and BrokerPlugin in a single class...
> 
> http://svn.apache.org/repos/asf/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/util/ 
> 
> 
> http://incubator.apache.org/activemq/logging-interceptor.html

I already created this class:

public class MyPlugin extends BrokerPluginSupport {

	public void send(ConnectionContext context, Message messageSend) throws
Exception {
		System.out.println("SendMessage");
		super.send(context, messageSend);
	}

}

and describe it here:

<beans>
	<bean id="broker" class="org.apache.activemq.broker.BrokerService"
init-method="start" destroy-method="stop">
		<property name="persistent" value="false"/>
		<property name="transportConnectorURIs">
			<list>
				<value>tcp://localhost:61234</value>
			</list>
		</property>
		<property name="plugins">
			<list>
				<bean class="MyPlugin"/>
			</list>
		</property>
	</bean>
</beans>

So, which MutableBrokerFilter methods need I reimplement to catch (and
raise exception if needed) this producer code if producer use wrong
destination:

ActiveMQConnection connection =
ActiveMQConnection.makeConnection("producer1", "pw1",
"tcp://localhost:61234");
connection.start();
Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
Destination destination = session.createQueue("monitoring.m1");
MessageProducer producer = session.createProducer(destination);
TextMessage message = session.createTextMessage("Test Message String");
producer.send(message);
session.close();
connection.close();

Which method need I to catch for rejecting recieving message from this code:

ActiveMQConnection connection =
ActiveMQConnection.makeConnection("consumer1", "pw1",
"tcp://localhost:61234");
connection.start();
Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
Destination destination = session.createQueue("monitoring.m1");
MessageConsumer consumer = session.createConsumer(destination);
while (true) {
	Message message = consumer.receive(Long.MAX_VALUE);
}

Is it possible to change message destination in my filter or make a copy
of message and send it to another destination? How can I do it?

--
Thanks,
Eugene Prokopiev