Hi,
I am working on LDAPAuthorizationMap to enable use of LDAP for storing
access privilege information. The project I am engaged in requires dynamic
creation of destinations and users so external source of authentication and
authorization information is crucial.
I checked out code from SVN and managed to build it with Maven and Eclipse.
Thanks to Hiram and James for instructions. :-) The idea of
LDAPAuthorizationMap is simple: there is hierarchy like this one:
destinations
topic
topicA
read: role1
read: role2
write: role3
admin: role2
queue
queue1
read: roleA
write: roleB
write: roleC
admin: roleD
It is quite easy to obtain read, write and admin ACLs from this hierarchy.
However, looking at the code of DefaultAthorizationMap, AuthorizationEntry,
DestinationMap and DestinationMapEntry I cannot clearly differentiate
between default behaviour of AuthorizationMap (except for the interface) and
implementation specifics of authorization map defined in AMQ config file.
My questions (that I believe will clear something out for me):
- how are authorization data from AMQ config file passed to the code? I
believe it is DefaultAuthorizationMap or SimpleAuthorizationMap.
- how should I specify LDAP configuration in AMQ config? These config
information are similar to those of LDAPLoginModule which are specified in
java VM login policy file.
- AuthorizationMap is supposed to return Set of privileged Principals.
DefaultAuthorizationMap relies on AuthorizationEntry that seems specific to
AMQ config file (parseACLs(String) method parses String from config file).
Am I supposed to create a subclass of AuthorizationEntry that will return
information parsed from LDAP server?
I would really appreciate some guidance.
Regards,
NGC
--
View this message in context:
http://www.nabble.com/LDAP-Authorization-t1851705.html#a5055596
Sent from the ActiveMQ - Dev forum at Nabble.com.
