----- "James Strachan" <[EMAIL PROTECTED]> wrote:
> On 6/2/07, Tom Samplonius <[EMAIL PROTECTED]> wrote:
> >
> >   How much more work needs to occur to get Stomp protocol support to
> a usable state?
> 
> Huh? :) It's very usable right now
> 
> 
> > The biggest issue is lack of any authentication support for Stomp,
> so anyone with access to the Stomp port can get and send anything.  I
> can't imagine that anyone is using Stomp in production yet.
> 
> Stomp has always supported authentication (on the CONNECT) which
> plugs
> into the underlying message brokers security & authentication
> mechanism.

  Actually, it appears that the username and password are ignored.  I fought 
with JAAS for about four hours before deciding to try to read the code, and the 
comments say that the password is ignored.  There appears to be no way to get a 
config that doesn't 
check the password.  From ProtocolConvertor.java:

        // allow anyone to login for now
        String login = (String)headers.get(Stomp.Headers.Connect.LOGIN);
        String passcode = (String)headers.get(Stomp.Headers.Connect.PASSCODE);
        String clientId = (String)headers.get(Stomp.Headers.Connect.CLIENT_ID);

There is no indication there is any attempt to validate the username and 
password via any sort of auth plugin.  I assume based on the "for now" comment, 
that someone is working on this.

  Interestingly, I checked StompConnect, and it has very similar code to 
ActiveMQ, and it appears to actually pass the username and password over to 
JMS.  I suppose using StompConnect in front of ActiveMQ would result in a 
working configuration, but would be, frankly, bizarre.


> >   But is anyone working on this?  I've looked into the JAAS stuff,
> and the Stomp code in ActiveMQ.  It would take me a week to figure out
> how to wrap Stomp with JAAS, as I have never worked with JAAS before. 
> I assume the original author of the Stomp support probably skipped
> authentication.  Does anyone have any patches?  Or any insight on how
> to fix this?  I really want usable Stomp support in ActiveMQ.
> 
> 
> Just use the JAAS plugin in ActiveMQ and you're good to go; the Stomp
> code uses whatever security plugin you're using
 
  Have you actually tried this?  I've set up JAAS, and it all appears good, but 
it is a bit concerning when you change the password on a consume, and it still 
works...


> >   The Web Console has similar issues.  There is no easy way to
> password protect it.  But if you password protect JMX access, it will
> break the Web Console.
> 
> That's more of a JMX thing really; you can enable security on JMX. The
> web console is also a WAR; so you can use the normal servlet security
> stuff too

  I imagine so.  JMX is a pain in general.

 
> >   I assume that everyone that uses ActiveMQ in production today, is
> using just OpenWire and JMX, and not the Web Console or Stomp.  Is
> that the case?  Or, are users not aware of the default-open security
> configuration of ActiveMQ?
> 
> I know lots of folks using both the Web Console and Stomp in
> production with security

  By all means, tell me how.  Web Console can be protected with servlet 
security, which is fine.

  But I assume I'm correct, that the only way to protect JMX, is to use the 
Sun JMX connector?  I documented how I did it, on the JMX page on the Wiki.

  And ActiveMQ does ship in a completely wide-open configuration.  That is 
definitely a throwback to a previous time.  I'd post an activemq.xml with 
everything locked down, for inclusion in the next release, if I could figure it 
out.


> -- 
> James
> -------
> http://macstrac.blogspot.com/

Tom
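An added check, not from this thread or from the ActiveMQ or StompConnect code bases, that automates the test Tom describes: send a CONNECT carrying a deliberately wrong passcode to a broker you administer and confirm it answers ERROR rather than CONNECTED. The frame layout follows STOMP 1.0; the host/port argument, the sample responses and all function names are assumptions made for this example.

```python
import socket

def build_frame(command, headers, body=b""):
    """Serialise a STOMP 1.0 frame: COMMAND, header lines, blank line, body, NUL."""
    lines = [command] + [f"{k}:{v}" for k, v in headers.items()]
    return ("\n".join(lines) + "\n\n").encode() + body + b"\x00"

def parse_frame(raw):
    """Parse one STOMP frame (bytes up to the NUL) into (command, headers, body)."""
    frame = raw.split(b"\x00", 1)[0].decode()
    head, _, body = frame.partition("\n\n")
    command, *header_lines = head.lstrip("\n").split("\n")
    headers = dict(line.split(":", 1) for line in header_lines if ":" in line)
    return command, headers, body

def auth_enforced(response):
    """True only if the broker answered a CONNECT with wrong credentials with an
    ERROR frame. A CONNECTED reply means the passcode was never checked, which is
    the behaviour described in the thread."""
    command, _, _ = parse_frame(response)
    return command == "ERROR"

def verify_broker_rejects_bad_passcode(host, port, login, timeout=5.0):
    """Connect to your own broker with a passcode that is certainly wrong and
    report whether it was rejected. Network call; the offline test below only
    exercises the frame logic with constructed responses."""
    wrong_passcode = "definitely-not-the-real-passcode"  # constructed value
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_frame("CONNECT", {"login": login, "passcode": wrong_passcode}))
        response = sock.recv(4096)
    return auth_enforced(response)

# Constructed sample replies, one for each outcome a broker could give.
ACCEPTED_ANYWAY = b"CONNECTED\nsession:ID:broker-1\n\n\x00"       # credentials ignored
REJECTED = b"ERROR\nmessage:Authentication failed\n\nbad login\x00"  # credentials checked

if __name__ == "__main__":
    for name, reply in (("ignored", ACCEPTED_ANYWAY), ("checked", REJECTED)):
        print(f"{name}: auth_enforced={auth_enforced(reply)}")
```

If `auth_enforced` comes back False against a live broker, the JAAS configuration is not being consulted for that listener, whatever the broker's own logs report.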
