activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ttmdev <>
Subject Re: Security Issue
Date Thu, 20 Sep 2007 02:35:23 GMT

Out of the box, ActiveMQ provides a modest authentication service via the
simpleAuthenticationPlugin. See .
When enabled it will force the clients to provide a valid userid and passwd
in order to successfully connect with the broker. It won't prevent a DOS
attack, but at least it will keep just anyone from gaining access to the

Ramsub wrote:
> Is that activemq intended to be running within an enterprise firewall? My
> application is expected to run in a box which will be connected to
> internet. In this case, running the broker listening on tcp://localhost is
> risky because anyone out in the internet could potentially make DOS kind
> of attacks.
> Is there a way we can restrict the broker to provide access only to
> certain trusted clients( like an ACL)? Or should I rely on the network to
> provide such a security.
> Would appreciate a response from architects/experts.
> Thanks,
> -rama

View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message