org.apache.activemq.security
Class JaasDualAuthenticationBroker

java.lang.Object
  extended by org.apache.activemq.broker.BrokerFilter
      extended by org.apache.activemq.security.JaasDualAuthenticationBroker
All Implemented Interfaces:
Broker, Region, Service

public class JaasDualAuthenticationBroker
extends BrokerFilter

A JAAS Authentication Broker that uses different JAAS domain configurations depending if the connection is over an SSL enabled Connector or not. This allows you to, for instance, do DN based authentication for SSL connections and use a mixture of username/passwords and simple guest authentication for non-SSL connections.

An example login.config to do do this is:

 activemq-domain {
   org.apache.activemq.jaas.PropertiesLoginModule sufficient
       debug=true
       org.apache.activemq.jaas.properties.user="users.properties"
       org.apache.activemq.jaas.properties.group="groups.properties";
   org.apache.activemq.jaas.GuestLoginModule sufficient
       debug=true
       org.apache.activemq.jaas.guest.user="guest"
       org.apache.activemq.jaas.guest.group="guests";
 };

 activemq-ssl-domain {
   org.apache.activemq.jaas.TextFileCertificateLoginModule required
       debug=true
       org.apache.activemq.jaas.textfiledn.user="dns.properties"
       org.apache.activemq.jaas.textfiledn.group="groups.properties";
 };
 


Field Summary
 
Fields inherited from class org.apache.activemq.broker.BrokerFilter
next
 
Constructor Summary
JaasDualAuthenticationBroker(Broker next, String jaasConfiguration, String jaasSslConfiguration)
          Simple constructor.
 
Method Summary
 void addConnection(ConnectionContext context, ConnectionInfo info)
          Overridden to allow for authentication using different Jaas configurations depending on if the connection is SSL or not.
 void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error)
          Overriding removeConnection to make sure the security context is cleaned.
 
Methods inherited from class org.apache.activemq.broker.BrokerFilter
acknowledge, addBroker, addConsumer, addDestination, addDestinationInfo, addProducer, addSession, beginTransaction, brokerServiceStarted, commitTransaction, fastProducer, forgetTransaction, gc, getAdaptor, getAdminConnectionContext, getBrokerId, getBrokerName, getBrokerSequenceId, getBrokerService, getClients, getDestinationMap, getDestinations, getDestinations, getDurableDestinations, getExecutor, getPeerBrokerInfos, getPreparedTransactions, getRoot, getScheduler, getTempDataStore, getVmConnectorURI, isExpired, isFaultTolerantConfiguration, isFull, isStopped, messageConsumed, messageDelivered, messageDiscarded, messageExpired, messagePull, networkBridgeStarted, networkBridgeStopped, nowMasterBroker, postProcessDispatch, prepareTransaction, preProcessDispatch, processConsumerControl, processDispatchNotification, removeBroker, removeConsumer, removeDestination, removeDestinationInfo, removeProducer, removeSession, removeSubscription, rollbackTransaction, send, sendToDeadLetterQueue, setAdminConnectionContext, slowConsumer, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JaasDualAuthenticationBroker

public JaasDualAuthenticationBroker(Broker next,
                                    String jaasConfiguration,
                                    String jaasSslConfiguration)
Simple constructor. Leaves everything to superclass.

Parameters:
next - The Broker that does the actual work for this Filter.
jaasConfiguration - The JAAS domain configuration name for non-SSL connections (refer to JAAS documentation).
jaasSslConfiguration - The JAAS domain configuration name for SSL connections (refer to JAAS documentation).
Method Detail

addConnection

public void addConnection(ConnectionContext context,
                          ConnectionInfo info)
                   throws Exception
Overridden to allow for authentication using different Jaas configurations depending on if the connection is SSL or not.

Specified by:
addConnection in interface Broker
Overrides:
addConnection in class BrokerFilter
Parameters:
context - The context for the incoming Connection.
info - The ConnectionInfo Command representing the incoming connection.
Throws:
Exception - TODO

removeConnection

public void removeConnection(ConnectionContext context,
                             ConnectionInfo info,
                             Throwable error)
                      throws Exception
Overriding removeConnection to make sure the security context is cleaned.

Specified by:
removeConnection in interface Broker
Overrides:
removeConnection in class BrokerFilter
Parameters:
context - the environment the operation is being executed under.
error - null if the client requested the disconnect or the error that caused the client to disconnect.
Throws:
Exception - TODO


Copyright © 2005-2012 The Apache Software Foundation. All Rights Reserved.