You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by chinababuilla <ch...@gmail.com> on 2017/07/05 19:54:39 UTC
How to enforce authorization during session.createQueue() /
createTopic()?
Hi All,
I have a requirement such that I need to know if the user has permission to
create a destination or not when I call session.createQueue() or
session.createTopic(). The default behavior is we will know that when
creating a consumer or producer but not when creating the destination? Is
there a possibility? if so how? I have referred the Security documentation
and it does not address this scenario.
In brief, I want admin entitlements to be enforced on create destination and
read/write entitlements to be enforced on creating
producer/consumer/publisher/subscriber.
Kindly note: I am not looking for the information on how to assign admin
privileges to user groups.
Thanks in advance
Chinna
--
View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: How to enforce authorization during session.createQueue() /
createTopic()?
Posted by Timothy Bish <ta...@gmail.com>.
On 07/05/2017 04:29 PM, chinababuilla wrote:
> Thank Tim for the response.
>
> Yes I agree. But I wanted to check if there is any ActiveMQ Administration
> API that contacts broker while creating destination?
> Do you think there exists such API with ActiveMQ?
>
>
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228p4728233.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
No, no such API such API exists on the client side. You could trying
doing something using JMX MBeans but I'm not sure it will give you what
you want.
--
Tim Bish
twitter: @tabish121
blog: http://timbish.blogspot.com/
Re: How to enforce authorization during session.createQueue() /
createTopic()?
Posted by chinababuilla <ch...@gmail.com>.
Thank Tim for the response.
Yes I agree. But I wanted to check if there is any ActiveMQ Administration
API that contacts broker while creating destination?
Do you think there exists such API with ActiveMQ?
--
View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228p4728233.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: How to enforce authorization during session.createQueue() /
createTopic()?
Posted by Timothy Bish <ta...@gmail.com>.
On 07/05/2017 04:10 PM, chinababuilla wrote:
> Hi Tim,
>
> I am using ActiveMQ.
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228p4728230.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
Session createQueue and createTopic are local operations that don't
interact with the broker so there's no possibility to perform
authorization checks for these operations. ActiveMQ creates
destinations on demand from a producer or consumer and only then
performs authorization checks.
--
Tim Bish
twitter: @tabish121
blog: http://timbish.blogspot.com/
Re: How to enforce authorization during session.createQueue() /
createTopic()?
Posted by chinababuilla <ch...@gmail.com>.
Hi Tim,
I am using ActiveMQ.
--
View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228p4728230.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: How to enforce authorization during session.createQueue() /
createTopic()?
Posted by Timothy Bish <ta...@gmail.com>.
On 07/05/2017 03:54 PM, chinababuilla wrote:
> Hi All,
>
> I have a requirement such that I need to know if the user has permission to
> create a destination or not when I call session.createQueue() or
> session.createTopic(). The default behavior is we will know that when
> creating a consumer or producer but not when creating the destination? Is
> there a possibility? if so how? I have referred the Security documentation
> and it does not address this scenario.
>
> In brief, I want admin entitlements to be enforced on create destination and
> read/write entitlements to be enforced on creating
> producer/consumer/publisher/subscriber.
>
> Kindly note: I am not looking for the information on how to assign admin
> privileges to user groups.
>
> Thanks in advance
> Chinna
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/How-to-enforce-authorization-during-session-createQueue-createTopic-tp4728228.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
Which broker are you using ActiveMQ or Artemis?
--
Tim Bish
twitter: @tabish121
blog: http://timbish.blogspot.com/