You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by Les Hazlewood <lh...@apache.org> on 2014/02/18 01:53:40 UTC
Re: Apache Shiro integration status
Please excuse the double post, but I thought I'd do it just in case since
the other thread was about Apollo.
Hi all,
An update:
My former repo at https://github.com/lhazlewood/
activemq/tree/trunk/activemq-shiro is now out of date: I basically created
that repository before ActiveMQ moved to git. Now that ActiveMQ is on git,
I've picked up from where I left off there in a personal local clone of the
ActiveMQ git repo.
Anyway, the good news is that I'm about to attach a patch for the final
Shiro integration, hopefully to be included in the 5.10 release.
We've worked out pretty much all of the kinks, and have 100% test coverage,
with weeks of integration testing in multiple environments. We're now
using it in production at Stormpath, so I'm comfortable marking the work as
'done' to be included in the main ActiveMQ branch.
I'll attach the patch today asap!
Best,
Les
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
On Tue, Jun 4, 2013 at 10:18 AM, Christian Posta
<ch...@gmail.com>wrote:
> Awesome, Les, thanks! I will take a look tonight.
>
>
> On Mon, Jun 3, 2013 at 11:11 AM, Les Hazlewood <le...@stormpath.com> wrote:
>
> > I made quite a bit of progress over the weekend. Here is the result
> > of the latest effort:
> >
> > https://github.com/lhazlewood/activemq/tree/trunk/activemq-shiro
> >
> > Change log is here:
> >
> >
> >
> https://github.com/lhazlewood/activemq/commit/be2100ea2c5a421cd21a4c3ae158c65e6e14490f
> >
> > It works as follows:
> >
> > The ShiroPlugin installs 2 BrokerFilters at the moment:
> >
> > - A SubjectFilter which is responsible for constructing and
> > associating a Subject instance with Connections. Downstream filters
> > perform actual security checks.
> > - An AuthenticationFilter (downstream from the SubjectFilter) that
> > enforces client authentication as necessary. It supports system and
> > anonymous connections as well if desired.
> >
> > I still have to create an AuthorizationFilter (that would be
> > downstream from the AuthenticationFilter) that would allow access
> > control checks (can you subscribe to a destination or not, etc).
> >
> > All of this code is tested with 100% class, method and line coverage.
> >
> > Comments, suggestions and feedback are most welcome.
> >
> > Cheers,
> >
> > --
> > Les Hazlewood | @lhazlewood
> > CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
> > PMC Chair, Apache Shiro: http://shiro.apache.org
> >
>
>
>
> --
> *Christian Posta*
> http://www.christianposta.com/blog
> twitter: @christianposta
>
Re: Apache Shiro integration status
Posted by Les Hazlewood <lh...@apache.org>.
This is now finished and ready to be incorporated into trunk!
The patch attached to https://issues.apache.org/jira/browse/AMQ-3621
Can someone please apply this patch (instructions in the issue) and push
the changes back to trunk ASAP? I want to eliminate any conflicts that
would surface due to trunk changes over time.
Thanks!
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
On Mon, Feb 17, 2014 at 4:53 PM, Les Hazlewood <lh...@apache.org>wrote:
> Please excuse the double post, but I thought I'd do it just in case since
> the other thread was about Apollo.
>
> Hi all,
>
> An update:
>
> My former repo at https://github.com/lhazlewood/
> activemq/tree/trunk/activemq-shiro is now out of date: I basically
> created that repository before ActiveMQ moved to git. Now that ActiveMQ is
> on git, I've picked up from where I left off there in a personal local
> clone of the ActiveMQ git repo.
>
> Anyway, the good news is that I'm about to attach a patch for the final
> Shiro integration, hopefully to be included in the 5.10 release.
>
> We've worked out pretty much all of the kinks, and have 100% test
> coverage, with weeks of integration testing in multiple environments.
> We're now using it in production at Stormpath, so I'm comfortable marking
> the work as 'done' to be included in the main ActiveMQ branch.
>
> I'll attach the patch today asap!
>
> Best,
>
> Les
>
> --
> Les Hazlewood | @lhazlewood
> CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
>
>
> On Tue, Jun 4, 2013 at 10:18 AM, Christian Posta <
> christian.posta@gmail.com> wrote:
>
>> Awesome, Les, thanks! I will take a look tonight.
>>
>>
>> On Mon, Jun 3, 2013 at 11:11 AM, Les Hazlewood <le...@stormpath.com> wrote:
>>
>> > I made quite a bit of progress over the weekend. Here is the result
>> > of the latest effort:
>> >
>> > https://github.com/lhazlewood/activemq/tree/trunk/activemq-shiro
>> >
>> > Change log is here:
>> >
>> >
>> >
>> https://github.com/lhazlewood/activemq/commit/be2100ea2c5a421cd21a4c3ae158c65e6e14490f
>> >
>> > It works as follows:
>> >
>> > The ShiroPlugin installs 2 BrokerFilters at the moment:
>> >
>> > - A SubjectFilter which is responsible for constructing and
>> > associating a Subject instance with Connections. Downstream filters
>> > perform actual security checks.
>> > - An AuthenticationFilter (downstream from the SubjectFilter) that
>> > enforces client authentication as necessary. It supports system and
>> > anonymous connections as well if desired.
>> >
>> > I still have to create an AuthorizationFilter (that would be
>> > downstream from the AuthenticationFilter) that would allow access
>> > control checks (can you subscribe to a destination or not, etc).
>> >
>> > All of this code is tested with 100% class, method and line coverage.
>> >
>> > Comments, suggestions and feedback are most welcome.
>> >
>> > Cheers,
>> >
>> > --
>> > Les Hazlewood | @lhazlewood
>> > CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
>> > PMC Chair, Apache Shiro: http://shiro.apache.org
>> >
>>
>>
>>
>> --
>> *Christian Posta*
>> http://www.christianposta.com/blog
>> twitter: @christianposta
>>
>
>