[
https://issues.apache.org/jira/browse/AMQ-3621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13674503#comment-13674503
]
Les Hazlewood commented on AMQ-3621:
------------------------------------
An update for those following this issue that might not be following the
ActiveMQ dev mailing list:
I made quite a bit of progress over the weekend. Here is the result of the
latest effort:
https://github.com/lhazlewood/activemq/tree/trunk/activemq-shiro
Change log is here:
https://github.com/lhazlewood/activemq/commit/be2100ea2c5a421cd21a4c3ae158c65e6e14490f
It works as follows:
The ShiroPlugin installs 2 BrokerFilters at the moment:
- A SubjectFilter which is responsible for constructing and associating a
Subject instance with Connections. Downstream filters perform actual security
checks.
- An AuthenticationFilter (downstream from the SubjectFilter) that enforces
client authentication as necessary. It supports system and anonymous
connections as well if desired.
I still have to create an AuthorizationFilter (that would be downstream from
the AuthenticationFilter) that would allow access control checks (can you
subscribe to a destination or not, etc).
All of this code is tested with 100% class, method and line coverage.
Comments, suggestions and feedback are most welcome.
> Integrate Apache Shiro with ActiveMQ as "security solution"
> -----------------------------------------------------------
>
> Key: AMQ-3621
> URL: https://issues.apache.org/jira/browse/AMQ-3621
> Project: ActiveMQ
> Issue Type: Improvement
> Reporter: Cservenak, Tamas
>
> Integrate Apache Shiro with ActiveMQ as "security solution".
> This would benefit for ActiveMQ to have support for a vast amount of already
> existing solution (Realm implementations) that are out there for Shiro.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
