Return-Path: X-Original-To: apmail-activemq-users-archive@www.apache.org Delivered-To: apmail-activemq-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 831B418E34 for ; Fri, 16 Oct 2015 02:44:27 +0000 (UTC) Received: (qmail 90787 invoked by uid 500); 16 Oct 2015 02:44:27 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 90746 invoked by uid 500); 16 Oct 2015 02:44:27 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 90729 invoked by uid 99); 16 Oct 2015 02:44:26 -0000 Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 16 Oct 2015 02:44:26 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 6C876C6247 for ; Fri, 16 Oct 2015 02:44:26 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.304 X-Spam-Level: * X-Spam-Status: No, score=1.304 tagged_above=-999 required=6.31 tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001, URI_HEX=1.313, URI_TRY_3LD=0.001] autolearn=disabled Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id 2yjljFmSMXSE for ; Fri, 16 Oct 2015 02:44:19 +0000 (UTC) Received: from mx5-phx2.redhat.com (mx5-phx2.redhat.com [209.132.183.37]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with ESMTPS id 42F5C26956 for ; Fri, 16 Oct 2015 02:44:19 +0000 (UTC) Received: from zmail09.collab.prod.int.phx2.redhat.com (zmail09.collab.prod.int.phx2.redhat.com [10.5.83.11]) by mx5-phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t9G2iCO3032464 for ; Thu, 15 Oct 2015 22:44:12 -0400 Date: Thu, 15 Oct 2015 22:44:12 -0400 (EDT) From: Justin Bertram To: users@activemq.apache.org Message-ID: <628182777.32475144.1444963452439.JavaMail.zimbra@redhat.com> In-Reply-To: <1444924897125-4703003.post@n4.nabble.com> References: <1444841282120-4702960.post@n4.nabble.com> <1640516219.31946425.1444850113251.JavaMail.zimbra@redhat.com> <1444902321770-4702988.post@n4.nabble.com> <1444924897125-4703003.post@n4.nabble.com> Subject: Re: Artemis - Certificate Security MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.10.59.15] X-Mailer: Zimbra 8.0.6_GA_5922 (ZimbraWebClient - GC45 (Linux)/8.0.6_GA_5922) Thread-Topic: Artemis - Certificate Security Thread-Index: rTm2wA5Kxt3ULrr8XU1BUaLHNggomQ== I haven't looked into it in too much details but whatever is done should be done far enough into the broker that it works for all (or at least most) of the protocols. I think you'd probably need to create a new extension of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager. Justin ----- Original Message ----- From: "slew77" To: users@activemq.apache.org Sent: Thursday, October 15, 2015 11:01:37 AM Subject: Re: Artemis - Certificate Security So based on ActiveMQ 5, I want to grab the certificate from the ConnectionInfo.transportContext. I can get the certificate array in ActiveMQChannelHandler.channelRead, but means I have to propagate it using bufferReceived. Then in OpenWireConnection.bufferReceived I can setTransportContext on the ConnectionInfo object, which is the unmarshalled buffer. OK approach or did you have another plan in mind? -- View this message in context: http://activemq.2283324.n4.nabble.com/Artemis-Certificate-Security-tp4702960p4703003.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.