I finally found a way, but it seems to be a bit dirty. To add some Information to my previous post: I need to handle broker-to-broker connections, not just "normal" connections. From inspecting JaasDualAuthenticationBroker I assume that normal client connections can directly access at least the TcpTransport, which may help, but probably does not, if there is no way back to the original connector.
Anyway, my solution is to build a TransportConnector manually and insert a filter in front of the TransportServer, which in turn adds a Filter to the Transport when it is accepted. The latter filter will then scan every incoming command and modify the userName in BrokerInfo and ConnectionInfo by prepending some tag. That tag can be used in an AuthenticationBroker to differentiate connections from different connectors. -- View this message in context: http://activemq.2283324.n4.nabble.com/Per-transportconnector-authentication-tp3752107p4159985.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.