ViliusS commented on a change in pull request #4001:
URL: https://github.com/apache/activemq-artemis/pull/4001#discussion_r841233217
##########
File path: docs/user-manual/en/security.md
##########
@@ -1221,6 +1221,11 @@ management performed on the live broker will be
reflected on the backup upon
failover. Typically LDAP would be employed for this kind of use-case, but not
everyone wants or is able to administer an independent LDAP server.
+> **Note:**
+>
+> `ActiveMQBasicSecurityManager` works only with standalone broker
+> configuration or with live/backup clusters. It won't work with multiple
lives.
+
Review comment:
I ment JAAS security manager _when using PropertiesLogin module_. All of
the security managers work in a cluster per se obviously, but it doesn't mean
that the result for the end user/Artemis administrator is the same. At least
during my tests credential propagation works three different ways:
1. ActiveMQBasicSecurityManager propagates credentials in live/backup pair
but not on other lives.
2. JAAS security manager with PropertiesLogin module doesn't propagate
credentials at all because (at least by default) properties files are stored on
one node.
3. JAAS security manager with LDAP module can be used with multiple lives
and backups.
All of these can be unclear for newcomers since they do not know how exactly
Artemis internals work. That's why I think it is a good idea to mention this
somewhere.
I will try to reword my patch a bit.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
