activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Natit <pet...@zirius.no>
Subject Access control on the message queue
Date Wed, 12 Mar 2008 10:15:57 GMT

i'd like to create a plugin that handles all user authentication in a simple
way. I do not want to use JAAS, and i need to sync the authorized users and
topics with another application.

I would like a plugin template that has something with a similar signature:
boolean canRead(ConnectionInfo,ActiveMQDestination);
boolean canWrite(ConnectionInfo,ActiveMQDestination);
boolean isAdmin(ConnectionInfo,ActiveMQDestination);

And for user authorization something like
boolean canLogin(ConnectionContext,ConnectionInfo);
but alas i have not found one.

I need to be able to add users and modify the authorization levels on the
fly based on data from outside active mq so using the simpleAuthplugin with
XML files is not a solution. Can anyone point me in the right direction?
Haveing looked at the plugin templates i can not really find one i can use.
The user numbers we are talking about here will range from a few hundred
online up to around 3000 at maxium. There will not be a huge number of
messages sent however.

Is it not possible to leave all access control of users, clients and
topic/queues up to the me without haveing to go through all the inner
workings of activeMQ? For me atleast it would be logical to have a plugin
with the freedom to approve or deny all user activity. I don't need to get
involved into how active mq deals with security after the point i said yes
its ok, or no its not ok. But i do need to be able to permit or deny
something without a massive unnecessary program flow.
-- 
View this message in context: http://www.nabble.com/Access-control-on-the-message-queue-tp16001329s2354p16001329.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message