activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Fernandez <joe.fernan...@ttmsolutions.com>
Subject Re: Dynamic Security Configuration of users and roles
Date Thu, 06 Nov 2008 16:55:57 GMT

Hi Greg, 

AFAIK, ActiveMQ does not currently provide a solution to your specific
programmatic requirement. 

Joe 


gfrank wrote:
> 
> hi Joe,
> 
> Thanks for the reply.  Just to be absolutely clear, you are saying that
> there is no existing authentication and authorization solution open to
> programmatic manipulation and i should write my own.
> 
> Thanks,
> Greg
> 
> 
> 
> 
> Joe Fernandez wrote:
>> 
>> There's both authentication and authorization to take into account. If
>> you want to take your direct programmatic approach via JMX, consider
>> creating security plug-ins through which you can both authenticate and
>> authorize. Maybe use the existing security plug-ins as models. Extend
>> AuthorizationBroker so that you can override and actually implement the
>> SecurityAdminMBean methods. Then have your plug-in register it with the
>> MBeanServer. Question: how do you intend to persist your updates so that
>> they stick if and when you do bounce the broker?
>> 
>> Joe
>> Get a free ActiveMQ User Guide @ http://www.ttmsolutions.com
>> 
>> 
>> 
>> gfrank wrote:
>>> 
>>> hopefully someone can give advice on this, my project requires dynamic
>>> creation of topics, users and roles such that a given topic can only be
>>> accessed by one user and that user can only access that one topic.  this
>>> must be done in a programmatic fashion without bouncing the activemq
>>> server a a user represents a customer and the system must be able to add
>>> customers on-the-fly without downtime.
>>> 
>>> i've noticed an object: org.apache.activemq.security.AuthorizationBroker
>>> which implements a jmx interface to create roles and add them to users
>>> and topics.  I'm not sure if this is a proper target for my needs and i
>>> dont see it visible in a jmx console.
>>> 
>>> perhaps the answer is to move to some sort of database-backed
>>> authentication module and then just manipulate the database with code? 
>>> i'd prefer to keep databases out of my implementation and use direct
>>> programmatic manipulation of the activemq server.
>>> 
>>> thanks for any advice,
>>> Greg
>>> 
>> 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Dynamic-Security-Configuration-of-users-and-roles-tp20352446p20365083.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message