Interface ActiveMQSecurityManager5
-
- All Superinterfaces:
ActiveMQSecurityManager
- All Known Implementing Classes:
ActiveMQBasicSecurityManager,ActiveMQJAASSecurityManager
public interface ActiveMQSecurityManager5 extends ActiveMQSecurityManager
Used to validate whether a user is authorized to connect to the server and perform certain functions on certain addresses This is an evolution ofActiveMQSecurityManager4that integrates with the new Subject caching functionality.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description Subjectauthenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain)is this a valid user.booleanauthorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)Determine whether the given user has the correct role for the given check type.-
Methods inherited from interface org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager
getDomain, getUserFromSubject, init, validateUser, validateUserAndRole
-
-
-
-
Method Detail
-
authenticate
Subject authenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain) throws NoCacheLoginException
is this a valid user. This method is called instead ofActiveMQSecurityManager.validateUser(String, String).- Parameters:
user- the userpassword- the user's passwordremotingConnection- the user's connection which contains any corresponding SSL certssecurityDomain- the name of the JAAS security domain to use (can be null)- Returns:
- the Subject of the authenticated user, else null
- Throws:
NoCacheLoginException
-
authorize
boolean authorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)
Determine whether the given user has the correct role for the given check type. This method is called instead ofActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).- Parameters:
subject- the Subject to authorizeroles- the roles configured in the security-settingscheckType- which permission to validateaddress- the address (or FQQN) to grant access to- Returns:
- true if the user is authorized, else false
-
-