activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mikmela <mikm...@yahoo.com>
Subject SSL certificate based authentication
Date Fri, 15 Mar 2013 20:25:29 GMT
The article http://activemq.apache.org/jmsxuserid.html has the following:
Note, though, that for SSL certificate based authentication, e.g., when
using TextFileCertificateLoginModule JAAS module, this will change the
semantics of the broker-provided JMSXUserID. Instead of returning the DN of
the certificate, it will provide the name the DN is mapped to by the JAAS
module.


Which seems to imply that when not using TextFileCertificateLoginModule JAAS
plugin someone will place DN from certificate into JMSXUserID... 
I have SSL client auth enabled on the broker via
needClientAutt=true and
this.broker.setPopulateJMSXUserID(true);
this.broker.setUseAuthenticatedPrincipalForJMSXUserID(true);

and my java test client app is configured for proper SSL handshake. What I
observe that when user name/password is provided when connection is
established JMSXUserID is populated with specified user name, but when
connection is anonymous, JMSXUserID  is empty... 
The question how to configure my test such that DN from certificate will be
set as user id?



--
View this message in context: http://activemq.2283324.n4.nabble.com/SSL-certificate-based-authentication-tp4664779.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Mime
View raw message