Try something like:
((ActiveMQConnection)connection).addTransportListener(new
DefaultTransportListener(){
public void transportResumed(){
connection.setPassword( GET_NEW_TOKEN() );
}
});
On Wed, Nov 20, 2013 at 9:49 AM, Harman <[email protected]> wrote:
> We are using failover transport for connecting to network of brokers and we
> are using kerberos for authentication and authorization.
>
> During connection setup in connection factory create connection we generate
> a kerberos token and set is in the password field of the AMQ connection
> factory. Broker authenticates this token and authorizes the connecting
> service.
>
> But problem arises during failover when primary broker goes down. At this
> time failover transport kicks in and copies the connection data from
> ConnectionInfo class which has cached copy of kerberos token generated
> during initial connection and uses this data to connect to second broker.
> Now second broker is not able to authenticate using this token as it has
> already expired.
>
> I wanted to reach out to dev community to see if there is a way to
> regenerate password (token) during failover. I am sure we are not the only
> ones trying to stuff short-lived credentials into the JMS password field.
>
> Please let me know if you have any suggestions.
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/AMQ-5-8-Issue-with-re-generating-Kerberos-token-during-failover-tp4674700.html
> Sent from the ActiveMQ - Dev mailing list archive at Nabble.com.
--
Hiram Chirino
Engineering | Red Hat, Inc.
[email protected] | fusesource.com | redhat.com
skype: hiramchirino | twitter: @hiramchirino
blog: Hiram Chirino's Bit Mojo
