activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From huntc <>
Subject Re: Determining the client's AMQ interface within a JAAS login module
Date Tue, 19 May 2009 11:13:54 GMT

I have looked into this further and determined that my previous post was not

I have now written an extension of the JaasCertificateAuthenticationBroker
so that it only authenticates against an SSL certificate if an SSL transport
is being used. You can browse the class
here .

To use this class you can check the project out from the
1.2.0 tag .

After building the project using Maven drop the resultant jar file in AMQ's
lib/optional folder and configure activemq.xml like so:

      &lt;bean xmlns="" 
        &lt;property name="configuration" value="activemq-domain"/&gt;
        &lt;property name="nonsslUsername" value="nonssluser"/&gt;
        &lt;property name="nonsslGroups"&gt;

      &lt;!--  lets configure a destination based authorization mechanism

              &lt;authorizationEntry topic="ActiveMQ.Advisory.&gt;"
                admin="activemq-users" /&gt;

There is a unit test for the plugin which of course passes and I have tested
it against an application that uses both an SSL transport and a TCP
transport to connect with the broker. FYI the machine that hosts the broker
will only expose the SSL port to the outside world thus preventing anonymous

I hope that this code is useful to you.

Kind regards,
View this message in context:
Sent from the ActiveMQ - User mailing list archive at

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message