org.apache.activemq.security
Class JaasDualAuthenticationBroker

java.lang.Object
  org.apache.activemq.broker.BrokerFilter
      org.apache.activemq.security.JaasDualAuthenticationBroker

All Implemented Interfaces:

Broker, Region, Service

public class JaasDualAuthenticationBroker
extends BrokerFilter

A JAAS Authentication Broker that uses different JAAS domain configurations depending if the connection is over an SSL enabled Connector or not. This allows you to, for instance, do DN based authentication for SSL connections and use a mixture of username/passwords and simple guest authentication for non-SSL connections.

An example login.config to do do this is:

 activemq-domain {
   org.apache.activemq.jaas.PropertiesLoginModule sufficient
       debug=true
       org.apache.activemq.jaas.properties.user="users.properties"
       org.apache.activemq.jaas.properties.group="groups.properties";
   org.apache.activemq.jaas.GuestLoginModule sufficient
       debug=true
       org.apache.activemq.jaas.guest.user="guest"
       org.apache.activemq.jaas.guest.group="guests";
 };

 activemq-ssl-domain {
   org.apache.activemq.jaas.TextFileCertificateLoginModule required
       debug=true
       org.apache.activemq.jaas.textfiledn.user="dns.properties"
       org.apache.activemq.jaas.textfiledn.group="groups.properties";
 };
 

Field Summary

Fields inherited from class org.apache.activemq.broker.BrokerFilter

next

Constructor Summary

JaasDualAuthenticationBroker(Broker next, String jaasConfiguration, String jaasSslConfiguration)
Simple constructor.

Method Summary

void	addConnection(ConnectionContext context, ConnectionInfo info) Overridden to allow for authentication using different Jaas configurations depending on if the connection is SSL or not.
void	removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error) Overriding removeConnection to make sure the security context is cleaned.
void	removeDestination(ConnectionContext context, ActiveMQDestination destination, long timeout) Used to destroy a destination.

Methods inherited from class org.apache.activemq.broker.BrokerFilter

acknowledge, addBroker, addConsumer, addDestination, addDestinationInfo, addProducer, addSession, beginTransaction, brokerServiceStarted, commitTransaction, fastProducer, forgetTransaction, gc, getAdaptor, getAdminConnectionContext, getBrokerId, getBrokerName, getBrokerSequenceId, getBrokerService, getClients, getDestinationMap, getDestinations, getDestinations, getDurableDestinations, getExecutor, getPeerBrokerInfos, getPreparedTransactions, getRoot, getScheduler, getTempDataStore, getVmConnectorURI, isExpired, isFaultTolerantConfiguration, isFull, isStopped, messageConsumed, messageDelivered, messageDiscarded, messageExpired, messagePull, networkBridgeStarted, networkBridgeStopped, nowMasterBroker, postProcessDispatch, prepareTransaction, preProcessDispatch, processConsumerControl, processDispatchNotification, removeBroker, removeConsumer, removeDestinationInfo, removeProducer, removeSession, removeSubscription, rollbackTransaction, send, sendToDeadLetterQueue, setAdminConnectionContext, slowConsumer, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JaasDualAuthenticationBroker

public JaasDualAuthenticationBroker(Broker next,
                                    String jaasConfiguration,
                                    String jaasSslConfiguration)

Simple constructor. Leaves everything to superclass.

Parameters:

next - The Broker that does the actual work for this Filter.

jaasConfiguration - The JAAS domain configuration name for non-SSL connections (refer to JAAS documentation).

jaasSslConfiguration - The JAAS domain configuration name for SSL connections (refer to JAAS documentation).

Method Detail

addConnection

public void addConnection(ConnectionContext context,
                          ConnectionInfo info)
                   throws Exception

Overridden to allow for authentication using different Jaas configurations depending on if the connection is SSL or not.

Specified by:

addConnection in interface Broker

Overrides:

addConnection in class BrokerFilter

Parameters:

context - The context for the incoming Connection.

info - The ConnectionInfo Command representing the incoming connection.

Throws:

Exception - TODO

removeConnection

public void removeConnection(ConnectionContext context,
                             ConnectionInfo info,
                             Throwable error)
                      throws Exception

Overriding removeConnection to make sure the security context is cleaned.

Specified by:

removeConnection in interface Broker

Overrides:

removeConnection in class BrokerFilter

Parameters:

context - the environment the operation is being executed under.

error - null if the client requested the disconnect or the error that caused the client to disconnect.

Throws:

Exception - TODO

removeDestination

public void removeDestination(ConnectionContext context,
                              ActiveMQDestination destination,
                              long timeout)
                       throws Exception

Description copied from interface: Region

Used to destroy a destination. This should try to quiesce use of the destination up to the timeout allotted time before removing the destination. This will remove all persistent messages associated with the destination.

Specified by:

removeDestination in interface Region

Overrides:

removeDestination in class BrokerFilter

Parameters:

context - the environment the operation is being executed under.

destination - what is being removed from the broker.

timeout - the max amount of time to wait for the destination to quiesce

Throws:

Exception - TODO