Hello!
I'm working with a custom authentication mechanism for a few projects.
I'd like to be able to implement that mechanism within ActiveMQ Artemis.
Is there any documentation on adding new authentication mechanisms? It
seems like I should be able to register a new SASL mechanism somewhere
and then have ActiveMQ call my own code to do the authentication. If
not, is there another method that's better suited than SASL?
While the new authentication mechanism is documented in a specification,
it's essentially "proprietary" and probably not of general use to others.
For the morbidly curious: The connecting client forwards the public part
of an Ed448 keypair. The server checks to see if the public key is
registered in its own database. If not, authentication fails. If the
public key _is_ known to the server, the server sends a long random
string. The client signs the long random string, and sends it back. The
server verifies the signature on the long random string (thus seeing if
the client can prove that it owns the private key associated with the
keypair). This is basically analogous to SSH public key authentication.
--
Mark Raynsford | https://www.io7m.com
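
The challenge-response exchange described in the message above, as an added example that is not part of the original post and does not use any ActiveMQ Artemis API. It relies only on the JDK's `java.security` Ed448 support (Java 15 and later); the `Server` class, its in-memory key set and the 64-byte challenge length are assumptions made for illustration.

```java
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.*;
// Added illustration; class and method names are hypothetical, not Artemis APIs.
public class Ed448ChallengeDemo {
    static final class Server {
        private final Set<String> registered = new HashSet<>();      // stands in for the key database
        private final Map<String, byte[]> pending = new HashMap<>(); // one outstanding challenge per key
        private final SecureRandom rng = new SecureRandom();
        void register(PublicKey key) { registered.add(id(key.getEncoded())); }
        // Step 1: the client forwards its public key; unknown keys fail before any challenge is issued.
        Optional<byte[]> challenge(byte[] encodedKey) {
            if (!registered.contains(id(encodedKey))) return Optional.empty();
            byte[] nonce = new byte[64];
            rng.nextBytes(nonce);
            pending.put(id(encodedKey), nonce);
            return Optional.of(nonce.clone());
        }
        // Step 2: verify the signature over the challenge this server issued for that key.
        boolean verify(byte[] encodedKey, byte[] signature) throws GeneralSecurityException {
            byte[] nonce = pending.remove(id(encodedKey)); // single use: a replayed response finds nothing
            if (nonce == null) return false;
            PublicKey key = KeyFactory.getInstance("Ed448").generatePublic(new X509EncodedKeySpec(encodedKey));
            Signature verifier = Signature.getInstance("Ed448");
            verifier.initVerify(key);
            verifier.update(nonce);
            return verifier.verify(signature);
        }
        private static String id(byte[] encodedKey) { return Base64.getEncoder().encodeToString(encodedKey); }
    }
    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("Ed448");
        signer.initSign(key);
        signer.update(data);
        return signer.sign();
    }
    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("Ed448");
        KeyPair known = gen.generateKeyPair(), stranger = gen.generateKeyPair(); // constructed test keys
        Server server = new Server();
        server.register(known.getPublic());
        byte[] pub = known.getPublic().getEncoded();
        byte[] sig = sign(known.getPrivate(), server.challenge(pub).orElseThrow());
        System.out.println("known key, valid signature: " + server.verify(pub, sig));
        System.out.println("same response replayed:     " + server.verify(pub, sig));
        byte[] c2 = server.challenge(pub).orElseThrow();
        System.out.println("challenge signed by other:  " + server.verify(pub, sign(stranger.getPrivate(), c2)));
        System.out.println("unregistered key challenged: " + server.challenge(stranger.getPublic().getEncoded()).isPresent());
    }
}
```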