org.apache.activemq.security
Class JaasDualAuthenticationBroker
java.lang.Object
org.apache.activemq.broker.BrokerFilter
org.apache.activemq.security.JaasDualAuthenticationBroker
- All Implemented Interfaces:
- Broker, Region, Service
public class JaasDualAuthenticationBroker
- extends BrokerFilter
A JAAS Authentication Broker that uses different JAAS domain configurations
depending if the connection is over an SSL enabled Connector or not.
This allows you to, for instance, do DN based authentication for SSL connections
and use a mixture of username/passwords and simple guest authentication for
non-SSL connections.
An example login.config
to do do this is:
activemq-domain {
org.apache.activemq.jaas.PropertiesLoginModule sufficient
debug=true
org.apache.activemq.jaas.properties.user="users.properties"
org.apache.activemq.jaas.properties.group="groups.properties";
org.apache.activemq.jaas.GuestLoginModule sufficient
debug=true
org.apache.activemq.jaas.guest.user="guest"
org.apache.activemq.jaas.guest.group="guests";
};
activemq-ssl-domain {
org.apache.activemq.jaas.TextFileCertificateLoginModule required
debug=true
org.apache.activemq.jaas.textfiledn.user="dns.properties"
org.apache.activemq.jaas.textfiledn.group="groups.properties";
};
Methods inherited from class org.apache.activemq.broker.BrokerFilter |
acknowledge, addBroker, addConsumer, addDestination, addDestinationInfo, addProducer, addSession, beginTransaction, brokerServiceStarted, commitTransaction, fastProducer, forgetTransaction, gc, getAdaptor, getAdminConnectionContext, getBrokerId, getBrokerName, getBrokerSequenceId, getBrokerService, getClients, getDestinationMap, getDestinations, getDestinations, getDurableDestinations, getExecutor, getPeerBrokerInfos, getPreparedTransactions, getRoot, getScheduler, getTempDataStore, getVmConnectorURI, isExpired, isFaultTolerantConfiguration, isFull, isStopped, messageConsumed, messageDelivered, messageDiscarded, messageExpired, messagePull, networkBridgeStarted, networkBridgeStopped, nowMasterBroker, postProcessDispatch, prepareTransaction, preProcessDispatch, processConsumerControl, processDispatchNotification, removeBroker, removeConsumer, removeDestination, removeDestinationInfo, removeProducer, removeSession, removeSubscription, rollbackTransaction, send, sendToDeadLetterQueue, setAdminConnectionContext, slowConsumer, start, stop |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JaasDualAuthenticationBroker
public JaasDualAuthenticationBroker(Broker next,
java.lang.String jaasConfiguration,
java.lang.String jaasSslConfiguration)
- Simple constructor. Leaves everything to superclass.
- Parameters:
next
- The Broker that does the actual work for this Filter.jaasConfiguration
- The JAAS domain configuration name for
non-SSL connections (refer to JAAS documentation).jaasSslConfiguration
- The JAAS domain configuration name for
SSL connections (refer to JAAS documentation).
addConnection
public void addConnection(ConnectionContext context,
ConnectionInfo info)
throws java.lang.Exception
- Overridden to allow for authentication using different Jaas
configurations depending on if the connection is SSL or not.
- Specified by:
addConnection
in interface Broker
- Overrides:
addConnection
in class BrokerFilter
- Parameters:
context
- The context for the incoming Connection.info
- The ConnectionInfo Command representing the incoming
connection.
- Throws:
java.lang.Exception
- TODO
removeConnection
public void removeConnection(ConnectionContext context,
ConnectionInfo info,
java.lang.Throwable error)
throws java.lang.Exception
- Overriding removeConnection to make sure the security context is cleaned.
- Specified by:
removeConnection
in interface Broker
- Overrides:
removeConnection
in class BrokerFilter
- Parameters:
context
- the environment the operation is being executed under.error
- null if the client requested the disconnect or the error
that caused the client to disconnect.
- Throws:
java.lang.Exception
- TODO
Copyright © 2005-2016. All Rights Reserved.