On Mon, Dec 7, 2009 at 10:37 AM, Tim Platten <[email protected]> wrote: > > We need to authenticate that a client is connecting from a known list of > acceptable IP addresses (for that particular client). We would then maintain > a list of valid IP addresses per client (username). >
IMO the preferred solution is to use firewall rules. But sometimes it may not be possible. The java broker implements a similar feature if it really needs to be done at the broker level. http://qpid.apache.org/ip-whitelisting.html Looking at the above it seems that we could possibly handle the above with an extension in the ACL mechanism itself. The ACL already have code for allow/deny per user/group. So extending that should be fairly simple. Regards, Rajith > Carl Trieloff wrote: >> >> Tim Platten wrote: >>> Hi, >>> >>> We have a requirement for the Qpid broker to simply authenticate a client >>> connection using username, password and remote IP address(es). Any >>> suggestions about how we might go about this? Kerberos is not an option. >>> >>> >> >> Can you explain the "remote IP address(s)" requirement? >> >> Carl. >> >> --------------------------------------------------------------------- >> Apache Qpid - AMQP Messaging Implementation >> Project: http://qpid.apache.org >> Use/Interact: mailto:[email protected] >> >> >> > > -- > View this message in context: > http://n2.nabble.com/Remote-IP-authentication-tp4126382p4126638.html > Sent from the Apache Qpid users mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > Apache Qpid - AMQP Messaging Implementation > Project: http://qpid.apache.org > Use/Interact: mailto:[email protected] > > -- Regards, Rajith Attapattu Red Hat http://rajith.2rlabs.com/ --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:[email protected]
