activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Strachan" <>
Subject Re: Authentication pattern with JMS?
Date Wed, 25 Apr 2007 05:28:19 GMT
It'd be much eaiser to just create a connnection per user/client and
use the built in JMS authentication

Then you'd get the benefit of being able to use fine grained
destination based authorisation as well as things like the broker
providing details of the user who sent a message etc

On 4/25/07, rousseau <> wrote:
> I'm looking to use ActiveMQ as a transport to my applications API as an
> alternative to using raw sockets. As I'm only using JMS as a transport
> layer, I don't think it's appropriate to use the ActiveMQ security, but I
> still need users to be authenticated.
> I had a look at the response/request pattern in the docs, and wonder if the
> following logic is the right one to use:
> # Client creates a temporaryqueue for responses (reponseQueue)
> # Client sends a message to the servers standard "login" queue, with
> replyTo() = responseQueue
> # Server checks the "login" queue for the new message
> # Server creates its own temporaryqueue for this users requests
> (requestQueue)
> # Server sends a message with a random string (salt) to responseQueue, with
> replyTo() = requestQueue
> # Client calculates the MD5 hash of password + salt, and sends a message
> with user and md5hash to requestQueue
> # Server authenticates the MD5 hash, and sends an ack message to
> responseQueue stating authentication OK or failed
> # if OK, Client should then send all messages to requestQueue and Server
> treats all messages on that queue as authenticated
> Does this make sense? or is there any way for unauthenticated users to spoof
> the requestQueue or listen in on responseQueue?
> /Steve
> --
> View this message in context:
> Sent from the ActiveMQ - User mailing list archive at



View raw message