activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Fernandez <>
Subject Re: Dynamic Security Configuration of users and roles
Date Thu, 06 Nov 2008 16:55:57 GMT

Hi Greg, 

AFAIK, ActiveMQ does not currently provide a solution to your specific
programmatic requirement. 


gfrank wrote:
> hi Joe,
> Thanks for the reply.  Just to be absolutely clear, you are saying that
> there is no existing authentication and authorization solution open to
> programmatic manipulation and i should write my own.
> Thanks,
> Greg
> Joe Fernandez wrote:
>> There's both authentication and authorization to take into account. If
>> you want to take your direct programmatic approach via JMX, consider
>> creating security plug-ins through which you can both authenticate and
>> authorize. Maybe use the existing security plug-ins as models. Extend
>> AuthorizationBroker so that you can override and actually implement the
>> SecurityAdminMBean methods. Then have your plug-in register it with the
>> MBeanServer. Question: how do you intend to persist your updates so that
>> they stick if and when you do bounce the broker?
>> Joe
>> Get a free ActiveMQ User Guide @
>> gfrank wrote:
>>> hopefully someone can give advice on this, my project requires dynamic
>>> creation of topics, users and roles such that a given topic can only be
>>> accessed by one user and that user can only access that one topic.  this
>>> must be done in a programmatic fashion without bouncing the activemq
>>> server a a user represents a customer and the system must be able to add
>>> customers on-the-fly without downtime.
>>> i've noticed an object:
>>> which implements a jmx interface to create roles and add them to users
>>> and topics.  I'm not sure if this is a proper target for my needs and i
>>> dont see it visible in a jmx console.
>>> perhaps the answer is to move to some sort of database-backed
>>> authentication module and then just manipulate the database with code? 
>>> i'd prefer to keep databases out of my implementation and use direct
>>> programmatic manipulation of the activemq server.
>>> thanks for any advice,
>>> Greg

View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message