activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From slew77 <>
Subject Artemis - Certificate Security
Date Wed, 14 Oct 2015 16:48:02 GMT

Hoping to get some advice on adding a security plugin to Artemis.

We are using an Artemis 1.1.0 broker. 

Client systems post messages to a common queue and listen for messages on a
client specific queue.

There will be thousands of client systems.

Each client should be able to write to the common queue, but not read from
it. Each client should be able to read from their response queue only, but
not write to it.

We must base this access on the client certificate used to connect, i.e. we
can't use username/password.

The docs suggest it's possible to add a JAAS plugin, is that correct and is
there an example I could follow? If it is possible, is it feasible to base
the authorisation on the client certificate? Ideally we'd do a lookup from
the certificate thumbprint to get either a username or the roles that we
need. Any help gratefully received!

Thanks in advance,

View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message