ASF GitHub Bot commented on ARTEMIS-1740:

Github user jbertram commented on the issue:

    This looks good except for a few things:
    - I would rather not have an additional file for the regex properties. I 
think it would be better to instead denote the regex in the normal user 
properties file using the traditional forward slashes (as described in the 
    - There's no documentation. The new functionality should be documented in 
    - I'd like to see an integration test added to 
There's several tests in there already which test cert-based login.

> Add support for regex based certificate authentication
> ------------------------------------------------------
>                 Key: ARTEMIS-1740
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1740
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>            Reporter: Lionel Cons
>            Priority: Major
> The current certificate authentication module 
> ({{TextFileCertificateLoginModule}}) uses a file mapping user names to DNs.
> In some cases, the list of known DNs can be large and dynamic. This is the 
> case for instance when using host certificates.
> Host certificates could be very dynamic (when new virtual machines get 
> created) while keeping a fixed structure such as {{CN=hostxyz.acme.org, 
> OU=computers, DC=acme, DC=org}}. It is impractical to generate all the 
> possible DNs and feed this to Artemis.
> It would be very useful to have regular expression based certificate 
> authentication. With the example above, we could have a single line:
> {quote}
> acme.computers=/^CN=\w+\.acme\.org, OU=computers, DC=acme, DC=org$/
> {quote}

This message was sent by Atlassian JIRA

Reply via email to