activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Strachan" <james.strac...@gmail.com>
Subject Re: ActiveMQ and CRLs
Date Wed, 12 Dec 2007 06:44:01 GMT
On 11/12/2007, madandini <michael.dandini@gdc4s.com> wrote:
>
> Is it possible to use Certificate Revocation Lists to authenticate clients
> connecting to an ActiveMQ broker?
>
> I've seen some Java properties that can enable revocation checking (i.e.
> com.sun.net.ssl.checkRevocation & com.sun.security.enableCRLDP), but when I
> try to run the ActiveMQ broker with them, I receive a
> java.security.cert.CertPathValidatorException for no CRL found.  I haven't
> found any additional properties where I can specify a CRL file.  Maybe I'm
> missing something?
>
> Also, I saw that you can create a custom security plugin for the ActiveMQ
> broker (http://activemq.apache.org/security.html).  If it turns out that I
> can't use Java properties for CRL checking, would it be possible to write a
> JAAS plugin for it?

Sure - you should be able to do whatever you want in a security
plugin. There is a JAAS plugin already - you could maybe try that
first?

-- 
James
-------
http://macstrac.blogspot.com/

Open Source Integration
http://open.iona.com

Mime
View raw message