Return-Path: Delivered-To: apmail-activemq-users-archive@www.apache.org Received: (qmail 78271 invoked from network); 23 May 2009 02:32:32 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 23 May 2009 02:32:32 -0000 Received: (qmail 22946 invoked by uid 500); 23 May 2009 02:32:44 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 22879 invoked by uid 500); 23 May 2009 02:32:44 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 22869 invoked by uid 99); 23 May 2009 02:32:44 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 23 May 2009 02:32:44 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 23 May 2009 02:32:34 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1M7h1x-0001Az-59 for users@activemq.apache.org; Fri, 22 May 2009 19:32:13 -0700 Message-ID: <23680389.post@talk.nabble.com> Date: Fri, 22 May 2009 19:32:13 -0700 (PDT) From: huntc To: users@activemq.apache.org Subject: AJAX Servlet and identity management MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: huntc@mac.com X-Virus-Checked: Checked by ClamAV on apache.org Hi there, Is there any support within the Ajax servlet for authentication and authorisation? I've been able to use AMQ's JAAS support within the broker itself and wonder if this can somehow extend to the Ajax servlet. In particular I'm interested in authenticating using mutual SSL authentication and using LDAP to determine the groups available to the certificate's subject for authorisation. These groups are then used within the Authorization Plugin to determine which queues/topics are accessible. I have achieved the desired authentication and authorisation via connectivity with the broker directly but would now like to consider the same level of identity management for my AJAX applications. Thanks for any guidance. Kind regards, Christopher P.S. I'm wondering if the AJAX support should be built into the broker directly... I would imagine that the AJAX servlet could provide a popular means of broker connectivity... or should I be looking at the connection-oriented STOMP instead of the AJAX servlet? -- View this message in context: http://www.nabble.com/AJAX-Servlet-and-identity-management-tp23680389p23680389.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.