activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gfrank <g...@netfrank.net>
Subject Re: Dynamic Security Configuration of users and roles
Date Thu, 06 Nov 2008 15:44:49 GMT

hi Joe,

Thanks for the reply.  Just to be absolutely clear, you are saying that
there is no existing authentication and authorization solution open to
programmatic manipulation and i should write my own.

Thanks,
Greg




Joe Fernandez wrote:
> 
> There's both authentication and authorization to take into account. If you
> want to take your direct programmatic approach via JMX, consider creating
> security plug-ins through which you can both authenticate and authorize.
> Maybe use the existing security plug-ins as models. Extend
> AuthorizationBroker so that you can override and actually implement the
> SecurityAdminMBean methods. Then have your plug-in register it with the
> MBeanServer. Question: how do you intend to persist your updates so that
> they stick if and when you do bounce the broker?
> 
> Joe
> Get a free ActiveMQ User Guide @ http://www.ttmsolutions.com
> 
> 
> 
> gfrank wrote:
>> 
>> hopefully someone can give advice on this, my project requires dynamic
>> creation of topics, users and roles such that a given topic can only be
>> accessed by one user and that user can only access that one topic.  this
>> must be done in a programmatic fashion without bouncing the activemq
>> server a a user represents a customer and the system must be able to add
>> customers on-the-fly without downtime.
>> 
>> i've noticed an object: org.apache.activemq.security.AuthorizationBroker
>> which implements a jmx interface to create roles and add them to users
>> and topics.  I'm not sure if this is a proper target for my needs and i
>> dont see it visible in a jmx console.
>> 
>> perhaps the answer is to move to some sort of database-backed
>> authentication module and then just manipulate the database with code? 
>> i'd prefer to keep databases out of my implementation and use direct
>> programmatic manipulation of the activemq server.
>> 
>> thanks for any advice,
>> Greg
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Dynamic-Security-Configuration-of-users-and-roles-tp20352446p20363589.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message