I think there is a deeper than a threading issue here. The subject needs to be forwarded with th message as it can be read on any machine and should still be authenticate. Usually the way these things are handled is by writing a message security interceptor that wraps the message in an security envelope that contains the subject information which is then used by shiro. I did something like this but for EJB invocations in my FlowLogix tapestry utility library ( http://code.google.com/p/flowlogix/ ). Look at the shiro interceptor filter.
On Dec 1, 2011, at 1:43 PM, Les Hazlewood <[email protected]> wrote: > Hi Brian, > > I don't know the answer to this myself, but I'd be interested if you > find out! I assume the ActiveMQ list will be able to tell you the > threading details. If you find out and need some 'frameworky' > assistance in integrating Shiro, please let us know. I'd be happy to > help if I can. > > Cheers, > > Les > > On Thu, Dec 1, 2011 at 8:08 AM, Brian Demers <[email protected]> wrote: >> Has anyone created (or know of a lib) an ActiveMQ BrokerFilter for Shiro? >> >> I started looking into doing this (so I would at least ask the right >> questions). It was easy to get authc working, but after that I started >> scratching my head. I don't know enough (at the moment) about the threading >> model of activeMQ to know when/if the subject should be bound to the >> ThreadContext, or if/when subject.execute() can be called. >> >> Any ideas or nudges in the right direction? >> >> -Brian >
