You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by joesan <co...@gmail.com> on 2012/11/29 10:16:28 UTC
ActiveMQ Authorization Performace
Guys,
I"m looking for suggestions if I should consider using LDAP for
authorization? Does the authorization happen only once when my clients set
up their connection? or does it happen for every messages published or
consumed by the clients?
--
View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: ActiveMQ Authorization Performace
Posted by Dejan Bosanac <de...@nighttale.net>.
For 5 users whose credentials don't change often, I'd suggest simple
authentication plugin
http://activemq.apache.org/security.html#Security-SimpleAuthenticationPlugin
as it's the easiest to setup.
Regards
--
Dejan Bosanac
----------------------
Red Hat, Inc.
FuseSource is now part of Red Hat
dbosanac@redhat.com
Twitter: @dejanb
Blog: http://sensatic.net
ActiveMQ in Action: http://www.manning.com/snyder/
On Thu, Nov 29, 2012 at 3:46 PM, joesan <co...@gmail.com> wrote:
> In terms of numbers what would that mean? I have a situation wherein I have
> at least 5 different clients writing to one Topic and another client reading
> from that Topic. In response, this client writes to a Topic and the other 5
> get the message from that Topic. What would you recommend in this scenario?
> Use LDAP or SSL with JAAS Certificate Authentication?
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927p4659941.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: ActiveMQ Authorization Performace
Posted by joesan <co...@gmail.com>.
In terms of numbers what would that mean? I have a situation wherein I have
at least 5 different clients writing to one Topic and another client reading
from that Topic. In response, this client writes to a Topic and the other 5
get the message from that Topic. What would you recommend in this scenario?
Use LDAP or SSL with JAAS Certificate Authentication?
--
View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927p4659941.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: ActiveMQ Authorization Performace
Posted by Dejan Bosanac <de...@nighttale.net>.
Hi,
it all depends on your environment and use case.
If you have a small number of clients that you control, you can easily
go with user/pass version (and using ssl just to encrypt data).
If you expect large number of clients and you might to think about
LDAP so that you can manage user credentials more easily.
So there's no right or wrong way, it's just what you need (and keep it
as simple as possible :)
Regards
--
Dejan Bosanac
----------------------
Red Hat, Inc.
FuseSource is now part of Red Hat
dbosanac@redhat.com
Twitter: @dejanb
Blog: http://sensatic.net
ActiveMQ in Action: http://www.manning.com/snyder/
On Thu, Nov 29, 2012 at 2:38 PM, joesan <co...@gmail.com> wrote:
> Thanks for the reply. I can see from the ActiveMQ documentation that there
> are many possible ways to do Authentication and Authorization. For example.,
> to Authenticate, I can use SSL, JAAS Certificate Authentication, JAAS LDAP
> Authentication, JAAS Username, Password Authentication.
>
> What would you advice to use? I have an SSL connection on my ActiveMQ
> instance with my clients. I have also implemented JAAS Certificate
> Authentication. Is this a better approach or is JAAS LDAP Authentication and
> Authorization the way to go?
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927p4659938.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: ActiveMQ Authorization Performace
Posted by joesan <co...@gmail.com>.
Thanks for the reply. I can see from the ActiveMQ documentation that there
are many possible ways to do Authentication and Authorization. For example.,
to Authenticate, I can use SSL, JAAS Certificate Authentication, JAAS LDAP
Authentication, JAAS Username, Password Authentication.
What would you advice to use? I have an SSL connection on my ActiveMQ
instance with my clients. I have also implemented JAAS Certificate
Authentication. Is this a better approach or is JAAS LDAP Authentication and
Authorization the way to go?
--
View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927p4659938.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: ActiveMQ Authorization Performace
Posted by Dejan Bosanac <de...@nighttale.net>.
You can use cached ldap authorization module
http://activemq.apache.org/cached-ldap-authorization-module.html
it caches all data in memory
Regards
--
Dejan Bosanac
----------------------
Red Hat, Inc.
FuseSource is now part of Red Hat
dbosanac@redhat.com
Twitter: @dejanb
Blog: http://sensatic.net
ActiveMQ in Action: http://www.manning.com/snyder/
On Thu, Nov 29, 2012 at 10:16 AM, joesan <co...@gmail.com> wrote:
> Guys,
>
> I"m looking for suggestions if I should consider using LDAP for
> authorization? Does the authorization happen only once when my clients set
> up their connection? or does it happen for every messages published or
> consumed by the clients?
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-Authorization-Performace-tp4659927.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.