[
https://issues.apache.org/jira/browse/AMQ-9800?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18053076#comment-18053076
]
Matt Pavlovich commented on AMQ-9800:
-------------------------------------
I'm not opposed to a Plugin to handle this, but we would gain a greater
security stance if this was built into the TransportConnector itself-- closing
the connection when not in an _allowedList_ would prevent any receive from
coming into the broker.
The security gap with using a Plugin is the first entry point is past any
protocol command being received.
> Add IP allowed addresses support in the broker
> ----------------------------------------------
>
> Key: AMQ-9800
> URL: https://issues.apache.org/jira/browse/AMQ-9800
> Project: ActiveMQ
> Issue Type: New Feature
> Components: Broker, Security/JAAS
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 6.3.0, 6.2.1
>
>
> Currently, the only way to filter IP addresses for the users is to create a
> custom broker plugin to intercept and filter.
> We received several requests from users who want to "simplify" this and be
> able to define allowed IP addresses "out of the box".
> I will create the broker plugin and filter (with the corresponding XBean
> configuration).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
