activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hiram Chirino <hi...@hiramchirino.com>
Subject Re: Is it possible to use Client Certs for Authentication/Authorization for Apollo?
Date Wed, 10 Jul 2013 19:00:00 GMT
An the user names are dynamic?  You don't know them ahead of time?

On Tue, Jul 9, 2013 at 4:14 PM, Garry Watkins <catshow@icloud.com> wrote:
> I have been looking at the documentation in the security section.
>
> http://activemq.apache.org/apollo/documentation/user-manual.html#Security
>
> I need to write code that will capture allow a queue to be created with the
> same name as the user.  That user may then be allowed to receive and consume
> messages.
>
> Any hints about where i could inject this into the code?
>
> Thanks
>
>
> On Jul 08, 2013, at 02:06 PM, Christian Posta <christian.posta@gmail.com>
> wrote:
>
> Should be the distinguished name from the X509 cert:
>
> http://docs.oracle.com/javase/6/docs/api/javax/security/auth/x500/X500Principal.html
>
>
> On Mon, Jul 8, 2013 at 1:31 PM, Garry Watkins <catshow@me.com> wrote:
>
> Ok, now that I know that I can do that.
>
> How does Apollo assign the username? What I want to do is have another
>
> process create a queue just for that user, and that is the only queue that
>
> user may access.
>
> Thanks for the speedy response.
>
> On Jul 8, 2013, at 1:28 PM, Christian Posta <christian.posta@gmail.com>
>
> wrote:
>
>> Yep, try adding the following to your ssl connector:
>
>>
>
>> <connector id="default" bind="ssl://0.0.0.0:61614">
>
>>
>
>> *<ssl client_auth="need" />*
>
>>
>
>> </connector>
>
>>
>
>>
>
>> On Mon, Jul 8, 2013 at 12:51 PM, Garry Watkins <catshow@me.com> wrote:
>
>>
>
>>> Is it possible to use Client Certs for Authentication/Authorization for
>
>>> Apollo?
>
>>
>
>>
>
>>
>
>>
>
>> --
>
>> *Christian Posta*
>
>> http://www.christianposta.com/blog
>
>> twitter: @christianposta
>
>
>
> --
> *Christian Posta*
> http://www.christianposta.com/blog
> twitter: @christianposta



-- 
Hiram Chirino

Engineering | Red Hat, Inc.

hchirino@redhat.com | fusesource.com | redhat.com

skype: hiramchirino | twitter: @hiramchirino

blog: Hiram Chirino's Bit Mojo

Mime
View raw message