[AMQ-912] ActiveMQ support for SSL authentication and authorization - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.1.0
Component/s: Test Cases, Transport
Labels:
None

Patch Info:

Patch Available

Description

This patch adds new Transports, Brokers, and Plugins needed for authentication and authorization based on SSL certificates.
It also adds a few unit tests for the mentioned classes.
The new (or heavily modified) SslTransport, SslTransportServer, and SslTransportFactory classes allow for access to the underlying socket's need and want client auth settings. If a certificate is found, it is set as the transportContext of the created connection.
The JaasCertificateAuthenticationBroker uses the new CertificateLoginModule to authenticate certificates (this class is abstract to allow for different backends for certificate authentication, a concrete class is TextFileCertificateLoginModule).
JaasCertificateAuthenticationBroker also sets the security context's user name to that provided for the certificate by the login module. This allows for authorization using the existing authorization broker.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

svn_diff.txt
18/Sep/06 00:01
124 kB
Sepand Mavandadi
svn_diff.txt
08/Sep/06 21:52
102 kB
Sepand Mavandadi
ASF.LICENSE.NOT.GRANTED--ssl_certifiacte_auth_patch.txt
05/Sep/06 23:02
102 kB
Sepand Mavandadi

Issue Links

relates to

AMQ-5876 improve performance of TextFileCertificateLoginModule when many entries are in the "textfiledn.user " file

Resolved

Activity

People

Assignee:: Hiram R. Chirino

Reporter:: Sepand Mavandadi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Sep/06 23:02

Updated:: 08/Jul/15 10:56

Resolved:: 18/Sep/06 22:41