activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Shannon <>
Subject Re: Artemis - Implement ACL programmatically
Date Mon, 26 Aug 2019 16:00:24 GMT
You might need to write some custom code to do what you want and you could
try a custom Security plugin.
See the API and Java docs for the security setting plugin:

If you need even more control you can create your own SecurityManager and
register it with the broker.  The interface to extend is:

The validateUserAndRole() method is where you do your ACL checks

A default implementation that delegates to a JAAS module is including in
the broker already which you can use as an example or to extend:

On Mon, Aug 26, 2019 at 8:01 AM Modanese, Riccardo
<> wrote:

> I already read this page and I wasn’t able to find any helpful information.
> In our use case each user has ACL depending on the username itself.
> Moreover a user can be added at runtime and the broker must be able to
> create and handle correctly the ACL also for the new created user.
> So, at the end, what I need is the capability of creating ACL
> programmatically and keep them in a session in order to be used every time
> a client publishes a message or subscribes an address.
> In ActiveMQ 5 this was possible ( [1] - [2] ) by creating a
> DefaultAuthorizationMap object, but I cannot find a similar object in
> Artemis
> [1]
> [2]
> Il giorno 26 ago 2019, alle ore 13:43, Christopher Shannon <
> ha scritto:
> All of the info you should need to get started should be here:
> On Mon, Aug 26, 2019 at 6:24 AM Modanese, Riccardo
> <> wrote:
> Hello,
>    In our ActiveMQ 5.x security plugin code we are enforcing ACL
> programmatically so I’m investigating how to migrate our current ACL from
> ActiveMQ 5.x to Artemis.
> I took a look into Artemis source code and I didn’t find any similar
> object to those present in ActiveMQ 5.x (E.g.
>, ...)
> Can you point me to the right direction?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message