You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Luís Alves (Jira)" <ji...@apache.org> on 2020/08/03 07:30:00 UTC
[jira] [Created] (ARTEMIS-2861) Add queue name as a parameter to
ActiveMQSecurityManager
Luís Alves created ARTEMIS-2861:
-----------------------------------
Summary: Add queue name as a parameter to ActiveMQSecurityManager
Key: ARTEMIS-2861
URL: https://issues.apache.org/jira/browse/ARTEMIS-2861
Project: ActiveMQ Artemis
Issue Type: Improvement
Components: API
Affects Versions: 2.14.0
Reporter: Luís Alves
Currently I was trying to integrate Artemis with OpenId Connect (Oauth2.0) and User Managed Access 2.0 (UMA 2.0) using Keycloak implementation. I want to have fine grained access control over operations over addresses and queues (subscriptions) like described on https://issues.apache.org/jira/browse/ARTEMIS-592. I've investigated as proposed in https://medium.com/@joelicious/extending-artemis-security-with-oauth2-7fd9b3dffe3 and it solves the authN part. For the authZ part I've already had some feedback here https://stackoverflow.com/questions/63191001/activemq-artemis-activemqsecuritymanager4-verify-clientid-subscription, but I think org.apache.activemq.artemis.core.server.SecuritySettingPlugin will not give the needed control. So I'm proposing that ActiveMQSecurityManager latest implementation adds the queue name as the calling method
--
This message was sent by Atlassian Jira
(v8.3.4#803005)