activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Fernandez <joe.fernan...@ttmsolutions.com>
Subject Re: Dynamic Security Configuration of users and roles
Date Thu, 06 Nov 2008 00:37:09 GMT

There's both authentication and authorization to take into account. If you
want to take your direct programmatic approach via JMX, consider creating
security plug-ins through which you can both authenticate and authorize.
Maybe use the existing security plug-ins as models. Extend
AuthorizationBroker so that you can override and actually implement the
SecurityAdminMBean methods. Then have your plug-in register it with the
MBeanServer. Question: how do you intend to persist your updates so that
they stick if and when you do bounce the broker?

Joe
Get a free ActiveMQ User Guide @ http://www.ttmsolutions.com



gfrank wrote:
> 
> hopefully someone can give advice on this, my project requires dynamic
> creation of topics, users and roles such that a given topic can only be
> accessed by one user and that user can only access that one topic.  this
> must be done in a programmatic fashion without bouncing the activemq
> server a a user represents a customer and the system must be able to add
> customers on-the-fly without downtime.
> 
> i've noticed an object: org.apache.activemq.security.AuthorizationBroker
> which implements a jmx interface to create roles and add them to users and
> topics.  I'm not sure if this is a proper target for my needs and i dont
> see it visible in a jmx console.
> 
> perhaps the answer is to move to some sort of database-backed
> authentication module and then just manipulate the database with code? 
> i'd prefer to keep databases out of my implementation and use direct
> programmatic manipulation of the activemq server.
> 
> thanks for any advice,
> Greg
> 

-- 
View this message in context: http://www.nabble.com/Dynamic-Security-Configuration-of-users-and-roles-tp20352446p20353105.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message