qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajith Attapattu <rajit...@gmail.com>
Subject Re: Remote IP authentication
Date Mon, 07 Dec 2009 17:00:41 GMT
On Mon, Dec 7, 2009 at 10:37 AM, Tim Platten
<tim.platten.ext@deutsche-boerse.com> wrote:
>
> We need to authenticate that a client is connecting from a known list of
> acceptable IP addresses (for that particular client). We would then maintain
> a list of valid IP addresses per client (username).
>

IMO the preferred solution is to use firewall rules.
But sometimes it may not be possible.
The java broker implements a similar feature if it really needs to be
done at the broker level.
http://qpid.apache.org/ip-whitelisting.html

Looking at the above it seems that we could possibly handle the above
with an extension in the ACL mechanism itself.
The ACL already have code for allow/deny per user/group. So extending
that should be fairly simple.

Regards,

Rajith

> Carl Trieloff wrote:
>>
>> Tim Platten wrote:
>>> Hi,
>>>
>>> We have a requirement for the Qpid broker to simply authenticate a client
>>> connection using username, password and remote IP address(es). Any
>>> suggestions about how we might go about this? Kerberos is not an option.
>>>
>>>
>>
>> Can you explain the "remote IP address(s)" requirement?
>>
>> Carl.
>>
>> ---------------------------------------------------------------------
>> Apache Qpid - AMQP Messaging Implementation
>> Project:      http://qpid.apache.org
>> Use/Interact: mailto:users-subscribe@qpid.apache.org
>>
>>
>>
>
> --
> View this message in context: http://n2.nabble.com/Remote-IP-authentication-tp4126382p4126638.html
> Sent from the Apache Qpid users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> Apache Qpid - AMQP Messaging Implementation
> Project:      http://qpid.apache.org
> Use/Interact: mailto:users-subscribe@qpid.apache.org
>
>



-- 
Regards,

Rajith Attapattu
Red Hat
http://rajith.2rlabs.com/

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org


Mime
View raw message