|
Page Created :
qpid :
Java authorization plugins
Java authorization plugins has been created by Aidan Skinner (Jan 21, 2009). Content:It would be useful to provide pluggable authorization mechanisms. A SecurityManager interface would collect all the available plugins from OSGi and present a singelton interface to frame handlers and JMX methods. Methods such as boolean allowAccess(Session session, VirtualHost host) or boolean allowBind(Session session, Exchange exch, String routingkey, Queue queue) would be called and return true or false depending on if the action was allowed. Each plugin would be processed until one returned false, at which point access would be denied. If all plugins allowed access, true would be returned. This would allow arbitrary and custom authorization mechanisms to be plugged into the broker, potentially including things like access restricted by IP Address or looking up information in LDAP. Or capriciously allowing or denying access based on a PRNG. |
Unsubscribe or edit your notifications preferences
