activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Garry Watkins <cats...@icloud.com>
Subject Re: Is it possible to use Client Certs for Authentication/Authorization for Apollo?
Date Tue, 09 Jul 2013 20:14:10 GMT
I have been looking at the documentation in the security section.

http://activemq.apache.org/apollo/documentation/user-manual.html#Security

I need to write code that will capture allow a queue to be created with the same name as the
user.  That user may then be allowed to receive and consume messages.

Any hints about where i could inject this into the code?

Thanks

On Jul 08, 2013, at 02:06 PM, Christian Posta <christian.posta@gmail.com> wrote:

Should be the distinguished name from the X509 cert:

http://docs.oracle.com/javase/6/docs/api/javax/security/auth/x500/X500Principal.html


On Mon, Jul 8, 2013 at 1:31 PM, Garry Watkins <catshow@me.com> wrote:

Ok, now that I know that I can do that.
How does Apollo assign the username? What I want to do is have another
process create a queue just for that user, and that is the only queue that
user may access.
Thanks for the speedy response.
On Jul 8, 2013, at 1:28 PM, Christian Posta <christian.posta@gmail.com>
wrote:
> Yep, try adding the following to your ssl connector:
>
> <connector id="default" bind="ssl://0.0.0.0:61614">
>
> *<ssl client_auth="need" />*
>
> </connector>
>
>
> On Mon, Jul 8, 2013 at 12:51 PM, Garry Watkins <catshow@me.com> wrote:
>
>> Is it possible to use Client Certs for Authentication/Authorization for
>> Apollo?
>
>
>
>
> --
> *Christian Posta*
> http://www.christianposta.com/blog
> twitter: @christianposta


-- 
*Christian Posta*
http://www.christianposta.com/blog
twitter: @christianposta

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
    • Unnamed multipart/related (inline, None, 0 bytes)
View raw message