You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Luís Alves (Jira)" <ji...@apache.org> on 2020/08/03 07:30:00 UTC

[jira] [Created] (ARTEMIS-2861) Add queue name as a parameter to ActiveMQSecurityManager

Luís Alves created ARTEMIS-2861:
-----------------------------------

             Summary: Add queue name as a parameter to ActiveMQSecurityManager 
                 Key: ARTEMIS-2861
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-2861
             Project: ActiveMQ Artemis
          Issue Type: Improvement
          Components: API
    Affects Versions: 2.14.0
            Reporter: Luís Alves


Currently I was trying to integrate Artemis with OpenId Connect (Oauth2.0) and User Managed Access 2.0 (UMA 2.0) using Keycloak implementation. I want to have fine grained access control over operations over addresses and queues (subscriptions) like described on https://issues.apache.org/jira/browse/ARTEMIS-592. I've investigated as proposed in https://medium.com/@joelicious/extending-artemis-security-with-oauth2-7fd9b3dffe3 and it solves the authN part. For the authZ part I've already had some feedback here https://stackoverflow.com/questions/63191001/activemq-artemis-activemqsecuritymanager4-verify-clientid-subscription, but I think org.apache.activemq.artemis.core.server.SecuritySettingPlugin will not give the needed control. So I'm proposing that ActiveMQSecurityManager latest implementation adds the queue name as the calling method 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)