[
https://issues.apache.org/jira/browse/AMQ-6980?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Christopher L. Shannon updated AMQ-6980:
----------------------------------------
Fix Version/s: (was: 5.15.5)
> Reverse Proxy: Additional configurable HTTP header attributes
> -------------------------------------------------------------
>
> Key: AMQ-6980
> URL: https://issues.apache.org/jira/browse/AMQ-6980
> Project: ActiveMQ
> Issue Type: New Feature
> Components: Broker
> Affects Versions: 5.15.4
> Reporter: Lars Pfeil
> Priority: Major
> Attachments: HttpTunnelServlet_AdditionalHeaders_Patch.txt,
> WebSEAL_ActiveMQ.png
>
> Original Estimate: 0.5h
> Remaining Estimate: 0.5h
>
>
> *Some reverse proxies e.g. IBM Tivoli Access Manager WebSEAL supply their own
> specific HTTP header attributes for authentication purpose. WebSEAL e.g. adds
> client identity (iv-user), group membership (iv-groups), and credential
> information into the HTTP headers of requests destined for linked third-party
> application servers.*
> *These HTTP header attributes must be extracted from the linked server
> components for authentication. In such environments, only the reverse proxy
> is allowed to manage and access the authentication and authorization
> infrastructure, but not the backend infrastructure (message queue and
> beyond).*
> *Here you can find a graphic with explanations:*
> *[https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Anything%20about%20Tivoli/page/Integrate%20SSO%20on%20Apache%20Tomcat]*
>
> *The graphic WebSEAL_ActiveMQ.png in the appendix describes our usecase.*
> **
> *That’s why we need to patch activeMQ or is there another way already
> existing?*
> **
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
