Please excuse the double post, but I thought I'd do it just in case since the other thread was about Apollo.
Hi all, An update: My former repo at https://github.com/lhazlewood/ activemq/tree/trunk/activemq-shiro is now out of date: I basically created that repository before ActiveMQ moved to git. Now that ActiveMQ is on git, I've picked up from where I left off there in a personal local clone of the ActiveMQ git repo. Anyway, the good news is that I'm about to attach a patch for the final Shiro integration, hopefully to be included in the 5.10 release. We've worked out pretty much all of the kinks, and have 100% test coverage, with weeks of integration testing in multiple environments. We're now using it in production at Stormpath, so I'm comfortable marking the work as 'done' to be included in the main ActiveMQ branch. I'll attach the patch today asap! Best, Les -- Les Hazlewood | @lhazlewood CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282 On Tue, Jun 4, 2013 at 10:18 AM, Christian Posta <[email protected]>wrote: > Awesome, Les, thanks! I will take a look tonight. > > > On Mon, Jun 3, 2013 at 11:11 AM, Les Hazlewood <[email protected]> wrote: > > > I made quite a bit of progress over the weekend. Here is the result > > of the latest effort: > > > > https://github.com/lhazlewood/activemq/tree/trunk/activemq-shiro > > > > Change log is here: > > > > > > > https://github.com/lhazlewood/activemq/commit/be2100ea2c5a421cd21a4c3ae158c65e6e14490f > > > > It works as follows: > > > > The ShiroPlugin installs 2 BrokerFilters at the moment: > > > > - A SubjectFilter which is responsible for constructing and > > associating a Subject instance with Connections. Downstream filters > > perform actual security checks. > > - An AuthenticationFilter (downstream from the SubjectFilter) that > > enforces client authentication as necessary. It supports system and > > anonymous connections as well if desired. > > > > I still have to create an AuthorizationFilter (that would be > > downstream from the AuthenticationFilter) that would allow access > > control checks (can you subscribe to a destination or not, etc). > > > > All of this code is tested with 100% class, method and line coverage. > > > > Comments, suggestions and feedback are most welcome. > > > > Cheers, > > > > -- > > Les Hazlewood | @lhazlewood > > CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282 > > PMC Chair, Apache Shiro: http://shiro.apache.org > > > > > > -- > *Christian Posta* > http://www.christianposta.com/blog > twitter: @christianposta >
