Looking at this more carefully, I have a couple of questions. First, I am not seeing any way to distinguish brokers from regular clients. We have a specific need to authenticate brokers in a different manner than clients. We want our brokers to accept connections from end clients but prevent those clients from connecting their own brokers to the network - in part to prevent bypass of our custom security.
Second, looking at broker-to-broker connections, is there any potential security hole with the timing of security placed in a BrokerFilter? Looking at TransportConnection's processBrokerInfo(), several steps are taken to establish additional connections to slave brokers and duplex connections before BrokerFilter's addBroker() is called. Even if these are disposed promptly on denying the broker access, I'm concerned there is time for such a broker to gain unauthorized access to data. -- View this message in context: http://activemq.2283324.n4.nabble.com/BrokerFilter-securing-addBroker-via-SSL-certs-tp3086239p3230476.html Sent from the ActiveMQ - Dev mailing list archive at Nabble.com.
