You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by mickhayes <mi...@gmail.com> on 2012/05/11 09:59:40 UTC

Re: Adding authentication to queues

There are various possibilities wrt Authentication, Authorization and
Encryption.

Clients are authenticated, rather than messages.
Authorization is based on Authentication.
So some clients will be authorized - allowed - to perform some operations.
Out-of-the-box, this is *on a per-destination basis.*

You can see the possibilities at
http://fusesource.com/docs/broker/5.5/security/front.html

I'm not totally clear what you want. 

If it is that only messages from an authenticated and authorized client are
added to the queue, then that is straighforward to do.

If it is that only authenticated and authorized clients may read from the
queue, again that is straightforward.

If, however, you want policies *on a per-message basis* then 
(1) You need some flag in the JMS Header upon which to base the
discrimination and
(2) Some custom code compiled to deal with this. See "Programming
Message-Level Authorization" in the FUSE security guide, where the JMSXAppID
property value is used as a key to control which authorized clients can read
from the destination.
 

-----
Michael Hayes B.Sc. (NUI), M.Sc. (DCU), SCSA SCNA 

--
View this message in context: http://activemq.2283324.n4.nabble.com/Adding-authentication-to-queues-tp4625599p4625773.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.