unable to implement custom broker-to-broker authorization
---------------------------------------------------------
Key: AMQ-3154
URL: https://issues.apache.org/jira/browse/AMQ-3154
Project: ActiveMQ
Issue Type: Bug
Components: Broker
Affects Versions: 5.4.2
Reporter: Arthur Naseef
Ran into the following issues preventing a custom Broker-To-Broker
authentication implementation:
- BrokerFilter's addBroker() can not be used to secure a connection:
- for duplex connections, it is never called on the initial conneciton
- even if addBroker() throws an exception, it does not deny access (it
does not close the connection nor prevent other functioning)
- addBroker() does not have direct access to the ConnectionContext, nor
any other means for the BrokerFilter to access SSL certificates on the SSL
transport
- BrokerFilter's addConnection() can not be used to secure a connection:
- there is no way to distinguish broker connections from clients
Other approaches were considered, but lead to dead-ends.
It seems the optimal solution would use the existing addBroker() method.
A patch will be provided that adds a new method specifically for securing
Broker-To-Broker connections.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
