You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by huntc <hu...@mac.com> on 2009/05/23 04:32:13 UTC

AJAX Servlet and identity management

Hi there,

Is there any support within the Ajax servlet for authentication and
authorisation? I've been able to use AMQ's JAAS support within the broker
itself and wonder if this can somehow extend to the Ajax servlet.

In particular I'm interested in authenticating using mutual SSL
authentication and using LDAP to determine the groups available to the
certificate's subject for authorisation. These groups are then used within
the Authorization Plugin to determine which queues/topics are accessible.

I have achieved the desired authentication and authorisation via
connectivity with the broker directly but would now like to consider the
same level of identity management for my AJAX applications.

Thanks for any guidance.

Kind regards,
Christopher

P.S. I'm wondering if the AJAX support should be built into the broker
directly... I would imagine that the AJAX servlet could provide a popular
means of broker connectivity... or should I be looking at the
connection-oriented STOMP instead of the AJAX servlet?
-- 
View this message in context: http://www.nabble.com/AJAX-Servlet-and-identity-management-tp23680389p23680389.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: AJAX Servlet and identity management

Posted by Dejan Bosanac <de...@nighttale.net>.

Hi Christopher,



>
> Is there any support within the Ajax servlet for authentication and
> authorisation? I've been able to use AMQ's JAAS support within the broker
> itself and wonder if this can somehow extend to the Ajax servlet.


No, currently there is no way to achieve the same connectivity
authentication and authorization as when you connecting directly to the
broker. The best you can do is to connect the servlet to the secured broker
in a similar way as it is done for web console
http://cwiki.apache.org/confluence/display/ACTIVEMQ/Security#Security-SecurityandActiveMQComponents

There is a room for improvement in this area, so any contributions are more
than welcomed.



>
> P.S. I'm wondering if the AJAX support should be built into the broker
> directly... I would imagine that the AJAX servlet could provide a popular
> means of broker connectivity... or should I be looking at the
> connection-oriented STOMP instead of the AJAX servlet?
>

Sure, if you can use Stomp in your environment, it is a better choice than
REST API, since it is more messaging oriented.

Cheers
--
Dejan Bosanac

Open Source Integration - http://fusesource.com/
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net