[
https://issues.apache.org/jira/browse/ARTEMIS-1884?focusedWorklogId=493299&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-493299
]
ASF GitHub Bot logged work on ARTEMIS-1884:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 01/Oct/20 05:47
Start Date: 01/Oct/20 05:47
Worklog Time Spent: 10m
Work Description: michaelandrepearce commented on a change in pull
request #3281:
URL: https://github.com/apache/activemq-artemis/pull/3281#discussion_r497996401
##########
File path:
artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
##########
@@ -339,6 +339,22 @@ public static String getUserFromSubject(Subject subject) {
return validatedUser;
}
+ /**
+ * Get the cached Subject. If the Subject is not in the cache then
authenticate again to retrieve
+ * it.
+ *
+ * @param session contains the authentication data
+ * @return the authenticated Subject with all associated role principals or
null if not
+ * authenticated or JAAS is not supported by the SecurityManager.
+ */
+ @Override
+ public Subject getSessionSubject(SecurityAuth session) {
+ if (securityManager instanceof ActiveMQSecurityManager5) {
Review comment:
This is a little specific, why only 5
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 493299)
Time Spent: 1h 10m (was: 1h)
> ActiveMQ5-like message-level authorization
> ------------------------------------------
>
> Key: ARTEMIS-1884
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1884
> Project: ActiveMQ Artemis
> Issue Type: New Feature
> Components: Broker
> Reporter: Johan Stenberg
> Priority: Major
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> In ActiveMQ 5 we have
> [MessageAuthorizationPolicy|https://activemq.apache.org/maven/apidocs/org/apache/activemq/security/MessageAuthorizationPolicy.html].
> We would need a similar feature in Artemis to being able to migrate to it.
> In Artemis exists the
> [ActiveMQServerPlugin#beforeDeliver|https://github.com/apache/activemq-artemis/blob/master/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/plugin/ActiveMQServerPlugin.java#L502]
> callback method were we probably could prevent message delivery by throwing
> an exception but using exceptions for flow control feels like a very wrong
> thing to do here.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
