ActiveMQ support for SSL authentication and authorization
---------------------------------------------------------
Key: AMQ-912
URL: https://issues.apache.org/activemq/browse/AMQ-912
Project: ActiveMQ
Issue Type: Improvement
Components: Test Cases, Transport
Reporter: Sepand Mavandadi
Attachments: ssl_certifiacte_auth_patch.txt
This patch adds new Transports, Brokers, and Plugins needed for authentication
and authorization based on SSL certificates.
It also adds a few unit tests for the mentioned classes.
The new (or heavily modified) SslTransport, SslTransportServer, and
SslTransportFactory classes allow for access to the underlying socket's need
and want client auth settings. If a certificate is found, it is set as the
transportContext of the created connection.
The JaasCertificateAuthenticationBroker uses the new CertificateLoginModule to
authenticate certificates (this class is abstract to allow for different
backends for certificate authentication, a concrete class is
TextFileCertificateLoginModule).
JaasCertificateAuthenticationBroker also sets the security context's user name
to that provided for the certificate by the login module. This allows for
authorization using the existing authorization broker.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/activemq/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
