I made quite a bit of progress over the weekend. Here is the result of the latest effort:
https://github.com/lhazlewood/activemq/tree/trunk/activemq-shiro Change log is here: https://github.com/lhazlewood/activemq/commit/be2100ea2c5a421cd21a4c3ae158c65e6e14490f It works as follows: The ShiroPlugin installs 2 BrokerFilters at the moment: - A SubjectFilter which is responsible for constructing and associating a Subject instance with Connections. Downstream filters perform actual security checks. - An AuthenticationFilter (downstream from the SubjectFilter) that enforces client authentication as necessary. It supports system and anonymous connections as well if desired. I still have to create an AuthorizationFilter (that would be downstream from the AuthenticationFilter) that would allow access control checks (can you subscribe to a destination or not, etc). All of this code is tested with 100% class, method and line coverage. Comments, suggestions and feedback are most welcome. Cheers, -- Les Hazlewood | @lhazlewood CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
