activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From huntc <>
Subject Re: Determining the client's AMQ interface within a JAAS login module
Date Tue, 19 May 2009 03:29:13 GMT

Sorry that I've taken so long to come back to this. However I think I have a

JaasCertificateAuthenticationBroker presently makes a check at line 73 as to
whether there is a security context:

if (context.getSecurityContext() == null) {

I am wondering if an additional check should be included to ensure that an
SSL transport is being used.

My use case is that I want the client's SSL certificate to be used for
authentication ONLY when SSL is being used as the transport. I do not
believe that it makes sense to look for an SSL certificate otherwise, and it
should be permissible to grant privileged access for other transports.

I propose a patch be made to line 73 along the lines of:

if (context.getConnector().getServer() instanceof SslTransportServer && 
  context.getSecurityContext() == null) {

Does anyone agree/disagree?

Kind regards,
View this message in context:
Sent from the ActiveMQ - User mailing list archive at

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message